Why do not you send me the else in PHP

Question

Why do not you send me the else in PHP

Navigation

#1 by (0 votes)
#2 by (0 votes)

0

<?php

require_once('conexion.php');

   $usuario = $_GET["usuario"];
   $clave = md5($_GET["clave"]);

   $result = mysqli_query($con,"SELECT * FROM usuarios where usuario = '$usuario' and clave = '$clave'" );
   //echo $result;

   if($row = mysqli_fetch_array($result))
   {
      if($row["clave"] == $clave)
      {
         session_start();
         $_SESSION['usuario'] = $usuario;
         header("location: ../index.php");
      }
      else
      {
        echo "(Hola)";

      }
   }
else
{
  ?>
    <script type="text/javascript">
      header.location("../login.php");
      alert("El nombre de usuario es incorrecto!");
    </script>
  <?php
}
mysqli_free_result($result);
mysqli_close($con);

?>

Login html php:

<html>
    <head>
              <meta http-equiv="content-type" content="text/html" />
              <meta name="author" content="www.intercambiosvirtuales.org" />
              <link rel="stylesheet" type="text/css" href="css/bootstrap.css"/>
              <link rel="stylesheet" type="text/css" href="css/estilos.css"/>
              <link rel="stylesheet" href="css/jquery.bootgrid.css"/>
              <link rel="stylesheet" href="font-awesome/css/font-awesome.min.css">
              <link rel="stylesheet" href="css/inicio.css">

              <script src="js/jquery-3.2.1.js"></script>
              <script src="js/jquery.bootgrid.min.js"></script>
              <script src="js/login.js"></script>

        <link rel="stylesheet" href="css/estilos.css" >
    </head>
  <body>
    <BODY BACKGROUND="img/sfondo.jpg">
    <div id="container" style="min-width:800px;">
      <div class="left">
      </div>
       <div class="center">

            <br>
              <h2>LOGIN :v.</h2>
                <div  class="modal-body" style="padding:40px 30px;">
                  <form method="get" action="php/login.php">
                    <br>
                    <label >Usuario:</label>
                    <input type="text" maxleght="8" class="form-control" id="usuario" name="usuario" required>
                    <p>
                    <label>Contrase&ntilde;a: </label>
                    <input type="password" maxleght="8" class="form-control" placeholder="" id="clave" name="clave" required>
                    <p>
                    <p>
                    <input type="submit" value="Registrar" id="boton1"class="btn btn-success" name="boton1">
                    <input type="button" value="Cancelar" class="btn btn-danger" onclick="location.href='login.html'">
                  </form>
                </div>
            </div>
          <div class="right">
          </div>
        </div>
    </body>
</html>

html php

asked by Contreras Angel 26.07.2017 в 17:38

source

2 answers

0

The problem is in the logic of your script:
$result = mysqli_query($con,"SELECT * FROM usuarios where usuario = '$usuario' and clave = '$clave'" );
This variable ($ result) will only be different from null when the 2 fields are equal and in case the password is wrong it will reach the first IF and will not enter it and never compare the key.

As additional information, to the next structure and raise your question better.

answered by 26.07.2017 в 18:10

How can I send an email with php and laravel 5.4? Connection to SQL SERVER xamarin forms for uwp

score 0 · Accepted Answer

Firstly, your query SQL is susceptible to injection SQL I recommend you read the documentation on how to create sentences prepared by security here .

Secondly, you are saying that if you do not have lines your query will go to this ELSE

else
{
  ?>
    <script type="text/javascript">
      header.location("../login.php");
      alert("El nombre de usuario es incorrecto!");
    </script>
  <?php
}

That's why it does not show you the one that contains the echo "Hola" because it does not comply with the first IF since your query searches for a username and password when sending a bad one does not find anything.