1

I created php and as3 code for a website login interface. Here's the PHP code: 

<?php

    $con = mysql_connect("xxx", "xxx", "xxx");
    mysql_query($con);
    if (!$con) {
        die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("xxx", $con) or die('no02');
    $username = $_POST['username'];
    $pass = md5($_POST['pass']);
    if ($_POST['systemCall'] == "checkLogin") {
        $select = "SELECT username FROM connexion WHERE username='$username' AND pass='$pass'";
        $query = mysql_query($select);

        $counter = 1;
        while ($row = mysql_fetch_array($query)) {
            $name = $row['username'];
            if ($name == "joe") {
                print "systemResult=joe";
            }
            $counter = $counter + 1;
        }
    }

    mysql_close($con);

?>

Here's the AS3 code :

function dataOnLoad(e: Event) //after pressing submit button 
{
    status1.selectable = false;
    status1.text = e.target.data.systemResult
    status1.autoSize = TextFieldAutoSize.LEFT;
    if (e.target.data.systemResult == "joe") {
        MovieClip(root).gotoAndStop(3);
    } else {
        status2.text = "Doesn't work";
    }
}

Now, every time I press the submit button with the right username and password, I get the right e.target.data.systemResult into status1.text, but I can't figure out why the if statement isn't recognizing the equality between e.target.data.systemResult and joe. It always writes "Doesn't work" into status2.text.

Improve this question
4
  • 2
    Make sure there isn't any whitespace after ?>. You can remove ?>, it is optional. Commented Nov 5, 2011 at 19:22
  • 1
    You should read about SQL injection first of all. Commented Nov 5, 2011 at 19:24
  • Are you sure that the value isn't "Joe" or "JOE" ? Commented Nov 5, 2011 at 19:28
  • 1
    Indent your code properly next time. For your own sake, you won't be able to read your code at increasing complexities. Commented Nov 5, 2011 at 19:40

2 Answers 2

Reset to default
2

I haven't played around in as3 in quite awhile, but based on the description of your problem, I would guess that systemResult is an object type that a strict comparison may not make a match on. Is there a toString() method that you could apply to systemResult to see if that changes your comparison results?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Try to use urlvariables:

function dataLoaded(e:Event)
{
    var phpvars:URLVariables = new URLVariables(e.target.data);

    if (phpvars.systemResult == "joe")
    {
        status2.text = "Works!";
    }
}

and set your php loader dataFormat:

phploader.dataFormat = URLLoaderDataFormat.VARIABLES;
Improve this answer

1 Comment

You could try to trace phpvars and phpvars.systemResult and look what their output is.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.