0

This code works in the older version of mysql that is below 5.7 but it does not work in the current one. It always selects the last else statement. Is there anything wrong with the code please.

    if($action == 'login')
    {           
        $login_id = strip_tags($_POST['login-id']);
        $security_code = strip_tags($_POST['security-code']);
        $check_login = $db->prepare("SELECT COUNT(*) AS rows FROM login WHERE login_id = ?  AND security_code = ?");
        $check_login->execute(array($login_id, $security_code));
            
        $data = $check_login->fetch();
        $rows = $data['rows'];
            
        if($rows > 0 )
            {
                $query = $db->prepare('SELECT * FROM login WHERE login_id = ? AND security_code = ?');
                $query->execute(array($login_id, $security_code));
                $data = $query->fetch();
                $login_id = $data['login_id'];
                            
                $_SESSION['login_id'] = $login_id;
                
                if($login_id == 'admin' or $login_id == 'webmaster')
                {
                    $_SESSION['admin'] = true;
                    header("Location:../control-panel.php");
                    exit;
                }
                else
                
            }
            else
            {
                header('Location:../index.php?m=invalid');
    }
Evans King
  • 1
  • 1
  • Have you checked that `$login_id` and `$security_code` are in fact the values you expect them to be by ecchoing them out or debugging with a breakpoint there? – Wesley Smith Jul 05 '20 at 02:28
  • why is there an empty `else` after the 3rd if? might just be an editing mistake in your post, but if not, def remove that – Wesley Smith Jul 05 '20 at 02:38
  • there is not supposed to be the else there. Also the values that i echoed are what i expected. it actually works in the 5.7 but not in the latest one – Evans King Jul 05 '20 at 03:12
  • @EvansKing Do you have try to execute the sql query directly in the database of the mysql of the current one where you think that query is not working. So you can make sure the that there is not the problem in the mysql side. – Bhavin Thummar Jul 05 '20 at 03:43
  • @Bhavin Thummar Yes I just did. It is not from the side of the sql. – Evans King Jul 05 '20 at 04:14
  • Thanks guys... the answer was to put a quotation marks around the row as in $check_login = $db->prepare("SELECT COUNT(*) AS "rows" FROM login WHERE login_id = ? AND security_code = ?"); @ Your Common Sense. It was not the same as the question you used to close this. – Evans King Jul 05 '20 at 10:04

0 Answers0