Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP Login Error

  • 15-01-2008 1:44pm
    #1
    Registered Users, Registered Users 2 Posts: 357 ✭✭


    Just trying to get a simple login working. Keep getting this error. Can anyone see whats wrong cause I can't.

    Parse error: syntax error, unexpected T_STRING in /var/www/testWebPage/login.php on line 19

    Line 19 is the $query line. If i highlight out that line I get the same error on the $error = “Bad Login”; line of code.

    Cheers for any help
    <?php
    
    error_reporting(E_ALL);
    //Database Information
    
    $dbhost = "localhost";
    $dbname = "login";
    $dbuser = "root";
    $dbpass = "";
    
    //Connect to database
    
    mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
    mysql_select_db($dbname) or die(mysql_error());
    
    session_start();
    $username = $_POST[&#8216;username&#8217;];
    $password = md5($_POST[&#8216;password&#8217;]);
    
    $query = &#8220;select * from users where username=&#8217;$username&#8217; and password=&#8217;$password&#8217;&#8221;;
    
    $result = mysql_query($query);
    
    if (mysql_num_rows($result) != 1) {
    $error = &#8220;Bad Login&#8221;;
        include &#8220;login.html&#8221;;
    
    } else {
        $_SESSION[&#8216;username&#8217;] = &#8220;$username&#8221;;
        include &#8220;memberspage.php&#8221;;
    }
    
    ?>
    


Comments

  • Registered Users, Registered Users 2 Posts: 610 ✭✭✭nialo


    my php isnt the strongest so someone correct me if im wrong...

    but should your $query line not be “select * from users where username=’".$username."’ and password=’".$password."' ”;


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    PHP doesn't recognise “ as a string delimiter. You'll have to replace each instance of this with " (shift + 2).

    nialo - PHP will recognise variables inline in strings. You really only need to concatenate where you're applying a function to the variable or extracting values from an array.


  • Registered Users, Registered Users 2 Posts: 357 ✭✭apoch632


    Tried that got the same error.

    Cheers anyway


  • Registered Users, Registered Users 2 Posts: 357 ✭✭apoch632


    seamus wrote: »
    PHP doesn't recognise “ as a string delimiter. You'll have to replace each instance of this with " (shift + 2).

    nialo - PHP will recognise variables inline in strings. You really only need to concatenate where you're applying a function to the variable or extracting values from an array.

    Thanks man.
    That done the trick.

    Thats what i get for copy and pasting


  • Registered Users, Registered Users 2 Posts: 32 V1P3R


    you may also want to check the $username var and $password var as they have not been validated and are vulnerable to SQL injection.

    // This will validate the input.
    $username = mysql_real_escape_string($_POST);
    $password = mysql_real_escape_string(md5($_POST));


  • Advertisement
Advertisement