If statement always executes, even when it shouldn't


#1

Can anyone point out to me why this keeps displaying the html located inside of if ( $auth = true ){}, even if wrong username/password combinations are used? I’m sure it’s something easy. I just can’t see it.

[code]<?php

$auth = false;
$user = $_POST[‘sn’];
$pass = $_POST[‘pw’];
if (isset( $user ) && isset($pass)) {

$db = mysql_connect( ‘localhost’, ‘users’, ‘*****’ )
or die ( ‘Unable to connect to server.’ );

mysql_select_db( 'pwtbl', $db ) 
    or die ( 'Unable to select database.' ); 



$sql = "SELECT * FROM pwtbl WHERE 
        txt_Screename = '$user' AND 
        pw_pass = '$pass'"; 



$result = mysql_query( $sql ) 
    or die ( mysql_error() ); 



mysql_close();

. 

$num = mysql_numrows( $result ); 

if ( $num != 0 ) { 

     

    $auth = true; 

} 

}

if ( $auth = true ) {
echo ’

A bunch of html

';

}

else {
echo ‘Authorization Required.’;
exit;

}

?> [/code]


#2

Weird… try doing this for me and see what it does…

if ( $num > 0 ) {

    $auth = true; 

}

#3

Your if statement says if $auth = true, that shoyuld really be $auth == true. Notice the double equal signs.

Keith