Wednesday, December 29, 2021

[FIXED] PHP SESSION variable not working when decrementing

      ,      No comments   

Issue

This is my first time using sessions in PHP and it seems I'm doing something logically wrong. I'm coding a forgot password page where the user inputs a randomly generated code to the form and after he clicks submit, displays a message whether the code is correct or not. The user gets 3 attempts to enter the correct code if that's the case is redirected to reset password page else he is redirected to the login page. I'm using a variable called $_SESSION['attempts'] where it is set to 3 in a previous page and $_SESSION['code'] variable to store the randomly generated code also from a previous page.

The error message is correctly displayed, that is when the user input the wrong code, the alert dialog pops up and say that he has 2,1 or 0 attempts left and even if the user inputs the correct code, he is redirected to the reset password page. But after it has reached 0 attempt, the redirect does not work. Any idea how to solve this? Thanks in advance.

Here is the PHP code below :

 <?php
    
    session_start();
    
    if ($_SERVER["REQUEST_METHOD"] == "POST"){

         // input code of the user once it is submitted
        $_code = filter_input(INPUT_POST, 'code');
        
       
        if($_SESSION['attempts']  != 0){
            
                // check if code != the generated code
                if($_code != $_SESSION['code']){
                     
                 $_SESSION['attempts']--;
                     
                    echo "<script type='text/javascript'>alert('ERROR : Wrong code entered. You have {$_SESSION['attempts']} attempts left.');</script>";
                     
                //success - redirect to reset password page
                } else {
                    //header to reset password page
                }
        }
                
    }
    
    
    // if attempts === 0 -> redirect to login page (THIS PART DOESNT WORK)
    
    if (($_SESSION['attempts']=== 0 || $_SESSION['attempts'] === '0')) {
        //header to login page
    }
   
?>

Solution

You have put your 'attemp == 0' condition out of the Post request. Move it to inside of Post request. Then your code should look like below:

session_start();

if ($_SERVER["REQUEST_METHOD"] == "POST"){

    $_code = filter_input(INPUT_POST, 'code');
    
    if($_SESSION['attempts']  != 0){
        
        if($_code != $_SESSION['code']){
                 
        $_SESSION['attempts']--;
                 
        echo "<script type='text/javascript'>alert('ERROR : Wrong code entered. You have {$_SESSION['attempts']} attempts left.');</script>";
        
        } else {
            //header to reset password page
        }
    }
    else {
        echo "Now, I need to go login page";
    }
            
}

?>



Answered By - Gamer In The Game

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...