Code executing both if and else statements together how do i fix?

Question

the code is running to match username with password and if both correct redirecting to another page but that and the else statements both run

Code:

if (isset($_POST['Login'])) {
    $IncorrectDetails = 0;
    $Username=$_REQUEST['Username'];
    $Password=$_REQUEST['Password'];

    echo "<p> $Username  $Password</p>";

    $myfile = fopen("bin\Account Details.txt", "r") or die("Unable to open file!");
    //reads raw file
    $string = fread($myfile,filesize("bin\Account Details.txt"));
    //turns the string to array
    $a = explode(',', $string);

    foreach ($a as $result) {
        $b = explode('. ', $result);
        $AccountDetails[trim($b[0])] = trim($b[1]);
    }

    //closes file
    fclose($myfile);
    print_r($AccountDetails);

    foreach ($AccountDetails as $StoredUsername => $StoredPassword) {
        if ($StoredUsername == $Username){
            if ($StoredPassword == $Password) {
                header('Location: Main.php');
            }
            else {
                $IncorrectDetails = 1;
            }
        }
        else {
            $IncorrectDetails = 1;
        }
    }

    if ($IncorrectDetails == 1){
        echo "<script type='text/javascript'>alert('Incorrect login details');</script>";
    }
}

its expected to come up with a popup when incorrect and redirect when correct

You have to terminate your code after your redirection, so put an `exit();` after your `header( ... )`. See more here : https://stackoverflow.com/questions/3553698/php-should-i-call-exit-after-calling-location-header — Vincent Decaux, May 29 '19 at 09:49
I wouldn't use a text file to store user credentials - using something like a database gives you much more flexebility. Furthmore, hashing passwords is a good idea as well — , May 29 '19 at 09:49
Additionally to @VincentDecaux's comment, you'll need to remove the outputs to do the header redirect (i.e. the echos and print_r). — Jonnix, May 29 '19 at 09:50

score 0 · Answer 1 · answered May 29 '19 at 10:06

That's beacuse the redirection is not instantaneus, php code still being processed. So, just after header('Location: Main.php'); do exit; to stop at all your script in that point, and let the redirection works.

header('Location: Main.php');
exit;

Also, you musn't print anything before the header() instruction (remove print_r()).

score 0 · Accepted Answer · answered May 29 '19 at 10:37

if (isset($_POST['Login'])) {
    $IncorrectDetails = 0;
    $Username=$_REQUEST['Username'];
    $Password=$_REQUEST['Password'];

    echo "<p> $Username  $Password</p>";

    $myfile = fopen("bin\Account Details.txt", "r") or die("Unable to open file!");
    //reads raw file
    $string = fread($myfile,filesize("bin\Account Details.txt"));
    //turns the string to array
    $a = explode(',', $string);

    foreach ($a as $result) {
        $b = explode('. ', $result);
        $AccountDetails[trim($b[0])] = trim($b[1]);
    }

    //closes file
    fclose($myfile);


    foreach ($AccountDetails as $StoredUsername => $StoredPassword) {
        if ($StoredUsername == $Username && $StoredPassword == $Password){
           $CorrectDetails = 1;
        } else {
            $IncorrectDetails = 1;
        }
    }
  if(isset($CorrectDetails) && $CorrectDetails == 1){
   header('Location: Main.php');  
  }else ($IncorrectDetails == 1){
        echo "<script type='text/javascript'>alert('Incorrect login details');</script>";
    }
}

You are redirect to another page it's not a proper way instead of that you can use a variable just like you have used in else and outside the loop you can redirect to another page.

Code executing both if and else statements together how do i fix?

2 Answers2