Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

PHP Login Error

  • 15-01-2008 02:44PM
    #1
    apoch632
    Registered Users, Registered Users 2 Posts: 357 ✭✭


    Just trying to get a simple login working. Keep getting this error. Can anyone see whats wrong cause I can't.

    Parse error: syntax error, unexpected T_STRING in /var/www/testWebPage/login.php on line 19

    Line 19 is the $query line. If i highlight out that line I get the same error on the $error = “Bad Login”; line of code.

    Cheers for any help
    <?php

error_reporting(E_ALL);
//Database Information

$dbhost = "localhost";
$dbname = "login";
$dbuser = "root";
$dbpass = "";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());

session_start();
$username = $_POST[&#8216;username&#8217;];
$password = md5($_POST[&#8216;password&#8217;]);

$query = &#8220;select * from users where username=&#8217;$username&#8217; and password=&#8217;$password&#8217;&#8221;;

$result = mysql_query($query);

if (mysql_num_rows($result) != 1) {
$error = &#8220;Bad Login&#8221;;
    include &#8220;login.html&#8221;;

} else {
    $_SESSION[&#8216;username&#8217;] = &#8220;$username&#8221;;
    include &#8220;memberspage.php&#8221;;
}

?>


Comments

  • #2
    nialo
    Registered Users, Registered Users 2 Posts: 610 ✭✭✭nialo


    my php isnt the strongest so someone correct me if im wrong...

    but should your $query line not be “select * from users where username=’".$username."’ and password=’".$password."' ”;


  • #3
    seamus
    Registered Users, Registered Users 2 Posts: 68,173 ✭✭✭✭seamus


    PHP doesn't recognise “ as a string delimiter. You'll have to replace each instance of this with " (shift + 2).

    nialo - PHP will recognise variables inline in strings. You really only need to concatenate where you're applying a function to the variable or extracting values from an array.


  • #4
    apoch632
    Registered Users, Registered Users 2 Posts: 357 ✭✭apoch632


    Tried that got the same error.

    Cheers anyway


  • #5
    apoch632
    Registered Users, Registered Users 2 Posts: 357 ✭✭apoch632


    seamus wrote: »
    PHP doesn't recognise “ as a string delimiter. You'll have to replace each instance of this with " (shift + 2).

    nialo - PHP will recognise variables inline in strings. You really only need to concatenate where you're applying a function to the variable or extracting values from an array.

    Thanks man.
    That done the trick.

    Thats what i get for copy and pasting


  • #6
    V1P3R
    Registered Users, Registered Users 2 Posts: 32 V1P3R


    you may also want to check the $username var and $password var as they have not been validated and are vulnerable to SQL injection.

    // This will validate the input.
    $username = mysql_real_escape_string($_POST);
    $password = mysql_real_escape_string(md5($_POST));


  • Advertisement
Advertisement