else statement is executed even though it shouldn't [duplicate]

113
July 02, 2021, at 04:20 AM
This question already has answers here:
PHP - If/else, for, foreach, while - without curly braces? (12 answers)
Closed yesterday.

I'm working on a project, I have a form with multiple fields, i want to put restrictions on those fields such as passwords should match, the password should have no spaces, and should have special characters, upper case letters, small case letters and numbers, and other restrictions i didn't code yet, the PHP page called registration.php creates an object and accesses another PHP page called validation.php with the restriction functions

the code for the registration.php is

<?php
require_once('dbconnection.php');
require 'validation.php';
  if(isset($_POST['finishreg'])){
      if (!empty('fname') && !empty('lname') && !empty('phone') && !empty('email') && !empty('password') && !empty('password2')){

          $fname = $_POST['fname'];
          $lname = $_POST['lname'];
          $phone = $_POST['phone'];
          $email = $_POST['email'];
          $password = $_POST['password'];
          $password2 = $_POST['password2'];
          
          
          $obj = new Validation();
        //$obj->emailExistCheck($email);
          if($obj->emailFormatCheck($email)==true)
          echo"email format wrong";
          
              
          if($obj->securePasswordCheck($password)==true)
          echo"The password must not have spaces, have an upper case letter a small case letter(s), number(s), and a special";
                        
          
          if($obj->samePasswordCheck($password, $password2)==true)
          echo"passwords don't match"; 
           
          
          else{
              //salt is added by default and cost increased for extra security
              $hashedpass = password_hash($password, PASSWORD_DEFAULT, ['cost' => 15]);
              //pasword_verify($input, $hashedpassword);
              $query ="insert into reg (fname,lname,phone,email,password) values('$fname', '$lname', '$phone', '$email', '$hashedpass')" ;

             $run = mysqli_query($conn, $query) or die(mysqli_error($conn));
             if($run)
             {
                echo  "success";
             }
       
            else
             {
                echo  "failed";
             }
             }
             }
  
  else{
    echo "please fill all the required fields";
  }
}

the code for the validation.php is

    <?php
class Validation
{
    
    function samePasswordCheck($password, $password2)
    {
        if ($password != $password2)
        return true;
    }
    
    function securePasswordCheck($password)
    {
        if (preg_match(//"/^(?=.*\d)(?=.*[A-Z])(?=.*[a-z])[0-9A-Za-z!-\/]{1,}$/", $password)!=1)
                return true;
                
            
        
    }
    
    function emailFormatCheck($email)
    {
        if(!filter_var($email, FILTER_VALIDATE_EMAIL))
        return true;
    }

the problem is when i fill out the form on my page and register, it echos the "securePasswordCheck" error message but it also echos success and it actually enters the data to the database, how is this happening?

*note : the code is not nearly done so please don't mind the comments and weird stuff you might find

one last thig, is all of this a good approach? should i be doing all of this in another way? thank you.

Answer 1

You have multiple if statements but the else is only going to apply for the last one.

      if($obj->samePasswordCheck($password, $password2)==true)
      echo"passwords don't match"; 
      else{

So if passwords match its going to do the else part, regardless of the other checks you had.

You may want to use else if, so that the last else is from the bomintion of the if statements.

if($obj->emailFormatCheck($email)==true)
      echo"email format wrong";
      
          
elseif($obj->securePasswordCheck($password)==true)
      echo"The password must not have spaces, have an upper case letter a small case letter(s), number(s), and a special";
                    
 
elseif($obj->samePasswordCheck($password, $password2)==true)
      echo"passwords don't match"; 
       
else{
READ ALSO
How to update an app in Google play console if you lost a key?

How to update an app in Google play console if you lost a key?

Here's the problem: I transfered an ownership of my app to other dude, and now he's facing a problem with updating it (I lost the key that I used to sign AAB-file)We had already wrote an email to Play Console support

136
CSS and JS are loading with wrong path on my Wordpress pages [closed]

CSS and JS are loading with wrong path on my Wordpress pages [closed]

Want to improve this question? Update the question so it's on-topic for Stack Overflow

133
jQuery select option contains AND not contains text

jQuery select option contains AND not contains text

I have a dropdown with options that look like this :

138
Mapping Java List&lt;&gt; to protobuf repeated string

Mapping Java List<> to protobuf repeated string

I am working on a task where I need to call a service B which takes an argument @RequestBody as a protobuf object from service A

135