vendredi 6 juillet 2018

PHP if/else execution simultaneous

I'm in a weird situation. I'm not a master in PHP but i don't know why but my code execute last if/else at same time and as I guess, normally it's first or second choice.

    function schimbare_pw_confirmata()
{
    if(isset($_POST['SubmitLostPasswordCodeForm']))
    {
        $cont = $_SESSION['user'];
        $newpw = replace($_POST['newPassword']);

        if( (strlen($newpw) < 8) || (strlen($newpw) > 16) )
        {
            $error .= error("Parola trebuie s&#259; con&#355;in&#259; 8-16 caractere.<br>");
        }
        if( !preg_match("#[a-z]+#", $newpw) || !preg_match("#[A-Z]+#", $newpw) )
        {
            $error .= error("Parola trebuie s&#259; con&#355;in&#259; cel pu&#355;in o liter&#259;.<br>");
        }
        if( !preg_match("#[0-9]+#", $newpw) )
        {
            $error .= error("Parola trebuie s&#259; con&#355;in&#259; cel pu&#355;in o cifr&#259;.<br>");
        }
        if( !preg_match("#\W+#", $newpw) )
        {
            $error .= error("Parola trebuie s&#259; con&#355;in&#259; cel pu&#355;in un caracter special. (exemplu: <b>!@#$%^&*()[],./<>?</b>)<br>");
        }

        if($error)
        {
            echo $error;
        }
        else
        {
            mysql_query("Update account.account set password=PASSWORD('$newpw') where login='$cont'");
            mysql_query("Update account.account set passchange_token='1' where login='$cont'");
            $data = date("h:i:s d/m/Y");
            mysql_query("Insert into web.dev_player_log (account,data,actiune) values ('$cont','$data','Parola a fost schimbata in $newpw.')");
            echo succes("Parola a fost modificat&#259; cu succes.");
        }
    }
}

Here it's called this function:

<?php
    include ('inc/configurare.php');

    if(isset($_SESSION['user']) && isset($_SESSION['pass']))
    {
        if(isset($_GET['cod']) && $_GET['cod']!=NULL)
        {   
            $cod = replace($_GET['cod']);
            $log = $_SESSION['user'];
            $vrf = mysql_query("Select * from ".$account_db.".account where passchange_token='$cod' and login='$log'");

            if(mysql_num_rows($vrf)==0)
            {
                echo error("Link incorect sau expirat.");
            }
            else
            { 
            schimbare_pw_confirmata();
?> 
        <h4>Schimbare parol&#259;:</h4>
            Noua parol&#259; : 
            <form action="" method="POST">
                <input type="password" id="newPassword" name="newPassword" value="" maxlength="16" class="iRg_input"/>
                <input id="submitBtn" type="submit" name="SubmitLostPasswordCodeForm" value="Schimb&#259;" class="iR_stats"/>
            </form>
<?php   
            }   
        }
        else 
        {
?>
            <h4>SCHIMBARE PAROL&#258;:</h4>
<?php
            schimbare_pw();
?>
            Din motive de securitate trebuie să confirmi prin email inten&#539;ia de a schimba parola.<Br />
            Pentru a confirma apas&#259; pe linkul primit.<br>
            <div align="right">
                <form action="" name="passwordchangerequestForm" method="POST">
                    <input type="submit" name="passwordchangerequest"  class="buton" value="TRIMITE EMAIL CONFIRMARE"/>
                </form>
            </div>
<?php
        }
?>

<?php
    }
    else
    {
        echo "Zon&#259; restric&#539;ionat&#259;.";
    }
?>

Output when i insert 123 as password:

Parola trebuie să conţină 8-16 caractere. Parola trebuie să conţină cel puţin o literă. Parola trebuie să conţină cel puţin un caracter special. (exemplu: !@#$%^&*()[],./<>?) Parola a fost modificată cu succes.

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)