Tricky title, I'm sorry I don't know the right terms for PHP stuff.
But I'm trying to get $msg to go from empty to some text upon incorrect code.
Current code:
<?php
$msg = '';
if ($pass === ("123")) {
echo $msg;
} else {
$msg = 'Wrong code';
}
$pass = ($_POST['code']);
?>
<form autocomplete="off" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);>" method="post" target="_self" accept-charset="UTF-8">
<input type="password" name="code"/>
</form>
What am I doing wrong here?
Solution:
Your code has missing the $ sign at the assignment portion of msg. So i list up some steps for you at the bottom of the post.
After running this you will get an warning E_NOTICE : type 8 -- Undefined variable: pass -- at line 3. Because you did not define $pass. You use ===, which check both type and value, and return false which means the condition goes to else portion and assign the $msg, after whole block the $msg print the Wrong code as output.
$msg = '';
if ($pass === "123") {
echo $msg;
} else {
$msg = 'Wrong code';
}
echo $msg; //Wrong code
As you are coding in the PHP platform, you need to maintain some convention of variable declaration.
Rules for PHP variables: Online Guide
$ sign, followed by the name of the variableYour code:
<?php echo htmlspecialchars($_SERVER['PHP_SELF']);>
is missing the closing ?
Syntax:
<?php [code goes here] ?>
But aside of that, your use of === is testing not just the value, but also the type. Depending on how you get something in $pass [it's not shown in your code], that test could succeed or fail because "123" and 123 are not the same and/or some automatic conversion you're triggering by the 'superfluous' parenthesis you are using around it. If unsure, cast it to string and/or use the == instead of === comparison.
There are a few ways to do this.
Assign "Success" to $msg and it will echo that on success, otherwise you echo $msg = 'Wrong code'; if it fails, along with checking if the POST array is not empty and everything set inside of it.
Plus, the way you have it now, would have thrown you a few notices about undefined variable/index and the POST array was located in the wrong spot along with brackets around 123 which shouldn't be there because you don't need them; it's just extra code for nothing, same for ($_POST['code']).
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
$msg = 'Success'; // or put it as empty, the choice is yours
if(!empty($_POST['code'])){
$pass = $_POST['code'];
if ($pass === "123") {
echo $msg;
} else {
echo $msg = 'Wrong code';
}
}
?>
<form autocomplete="off" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post" target="_self" accept-charset="UTF-8">
<input type="password" name="code"/>
<input type="submit" name="submit">
</form>
Or you can do it like this and using isset() for the $msg variable:
$msg = '';
if(!empty($_POST['code'])){
$pass = $_POST['code'];
if ($pass === "123") {
$msg = 'Success';
} else {
$msg = 'Wrong code';
}
}
if(isset($msg)){
echo $msg;
}
I'm hoping that you're not planning on storing plain text passwords.
Use one of the following:
password_hash() function.Important sidenote about column length:
If and when you do decide to use password_hash() or the compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/, it is important to note that if your present password column's length is anything lower than 60, it will need to be changed to that (or higher). The manual suggests a length of 255.
You will need to ALTER your column's length and start over with a new hash in order for it to take effect. Otherwise, MySQL will fail silently.
Other links of interest: