-3

My else statement, where I have the header going back to the test.php page, isn't working and I don't have any idea why, but the if/true statement is working fine and sending the person to the passengerHome.php page when they enter the correct credentials.

```php
<?php
    //Feedback variable to update user of system status
    $feedback = "";
    //retrieve the details from the POST Global Variable
    $user = $_POST['username'];
    $pass = $_POST['password'];

    validate($user, $pass);
    if ($feedback != "") {
        Header("Location:../presentation/passengerLogin.php?feedbackMsg=$feedback");
    } else { //check the database to see if the username and password combination matches
        //clean and format the data
        sanitize($user);
        sanitize($pass);
        //include connection string
        include("../data/dbConnection.php");

        if ($stmt = mysqli_prepare($mysqli, "SELECT  commuteType, status, passengerID FROM tblPassenger WHERE username = ? AND password = ?")) {
            //bind parameters for markers
            mysqli_stmt_bind_param($stmt, "ss", $user, $pass);
            //execute query
            mysqli_stmt_execute($stmt);

            //bind value holders to result set
            mysqli_stmt_bind_result($stmt, $ct, $status, $passenger);
            if (mysqli_stmt_fetch($stmt)) {
                session_start();
                $_SESSION['commuteType'] = $ct;
                $_SESSION['status'] = $status;
                $_SESSION['passengerID'] = $passenger;
                if ($ct == "passenger" && $status == 1 && $passenger != "") {
                    Header("Location: ../presentation/passengerHome.php");
                } else {
                    Header("Location: ../presentation/test.php");
                }
            }
        }
    }

    //Function to SANITIZE (Clean) data
    function sanitize($data) {
        $data = trim($data);
        $data = stripslashes($data);
        $data = filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS);
        $data = filter_var($data, FILTER_SANITIZE_STRING);
        $data = filter_var($data, FILTER_SANITIZE_STRING);
        $data = filter_var($data, FILTER_SANITIZE_STRING);

        //format data for storage (maintain uniformity)
        $data = strtolower($data);
        $data = ucfirst($data);
        //validate($first, $last, $gen, $a, $user, $pass, $em, $add);
        //finally... return the cleaned and formatted data
        return $data;
    } //end sanitize function

    function validate($userVal, $passVal) {
        global $feedback;

        if ($userVal == null || $userVal == "") {
            $feedback .= "Username required<br/>";
        } else {
            $feedback .= "";
        }
        if ($passVal == null || $passVal == "") {
            $feedback .= "Password required<br/>";
        } else {
            $feedback .= "";
        }
    }
?>
```
  • 1
    `global $feedback;` very bad practice, using global variables in a function. Why not `$feedback = validate($userVal, $passVal);`? – JustOnUnderMillions Apr 04 '17 at 12:32
  • 1
    **Never store plain text passwords!** Please use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). Make sure you ***[don't escape passwords](http://stackoverflow.com/q/36628418/1011527)*** or use any other cleansing mechanism on them before hashing. Doing so *changes* the password and causes unnecessary additional coding. – Jay Blanchard Apr 04 '17 at 13:00
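
To make the password-storage comment above concrete, here is an added example (not the asker's code and not taken from any answer) of the same login decision using `password_hash()` and `password_verify()` on the unmodified password. The `passwordHash` column, the function names, the sample accounts and the in-memory SQLite database via PDO (in place of the question's mysqli connection) are assumptions made so the script runs offline.

```php
<?php
// Added example. Table and page names follow the question; the passwordHash
// column and the SQLite in-memory database are assumptions for offline use.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tblPassenger (
    passengerID INTEGER PRIMARY KEY, username TEXT UNIQUE,
    passwordHash TEXT, commuteType TEXT, status INTEGER)');

// Registration: hash the raw password; never trim, escape or re-case it first.
function register(PDO $db, string $user, string $rawPass, string $type, int $status): void {
    $stmt = $db->prepare('INSERT INTO tblPassenger
        (username, passwordHash, commuteType, status) VALUES (?, ?, ?, ?)');
    $stmt->execute([$user, password_hash($rawPass, PASSWORD_DEFAULT), $type, $status]);
}

// Login: fetch the row by username only, then verify the hash in PHP.
// Returns the redirect target instead of calling header(), so it is easy to check.
function loginTarget(PDO $db, string $user, string $rawPass): string {
    $stmt = $db->prepare('SELECT passwordHash, commuteType, status
        FROM tblPassenger WHERE username = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($rawPass, $row['passwordHash'])) {
        return '../presentation/passengerLogin.php?feedbackMsg=' . urlencode('Invalid login');
    }
    // Strict comparison: a single `=` here would assign instead of compare.
    if ($row['commuteType'] === 'passenger' && (int)$row['status'] === 1) {
        return '../presentation/passengerHome.php';
    }
    return '../presentation/test.php';
}

// Constructed sample accounts.
register($db, 'alice', 'Tr1cky <Pass>\\word', 'passenger', 1);
register($db, 'bob', 'hunter2', 'driver', 1);

// Correct password, active passenger.
var_dump(loginTarget($db, 'alice', 'Tr1cky <Pass>\\word'));
// Same password after the lower-casing that sanitize() would apply.
var_dump(loginTarget($db, 'alice', 'tr1cky <pass>\\word'));
// Correct password, but commuteType is not "passenger".
var_dump(loginTarget($db, 'bob', 'hunter2'));
```

In the real handler, pass the returned path to `header('Location: ...')` and follow it with `exit;` so nothing else runs after the redirect.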

3 Answers

0

You have

$ct = "passenger"

in your else statement, which is not a comparison. Make it

$ct == "passenger"
0

There is a mistake:

if ($ct = "passenger" && $status == 1 && $passenger != "") {

It should be if ($ct == "passenger" && $status == 1 && $passenger != "") {

Dipanwita Kundu
0

You have written

$ct = "passenger"

which is an assignment statement in the if condition; it is always true, therefore the else block is not executed.

mindaJalaj