Hi, I am using a script from Evil Walrus, "Simple.Auth.MySQL" #599, and I am getting this error from IE (localhost website - Mac OSX 10.2.4, latest PHP & MySQL):
Parse error: parse error, unexpected $ in /Library/WebServer/Documents/loginauth.php on line 30
On line 30 (according to BBEdit) is the closing PHP tag "?>"
Which leaves me to question, where is this "$" and is that really line 30 of the loginauth.php script?
In my "passwords" database I have:
users (table)
id, userName, password
Here is the loginauth.php script:
<?php
session_start ();
$sessid =session_id ();
if ( $_session ['userid' ])
{
header ("Location: cstdindex.html" );
}
if ( $_POST ['submit' ] && $_POST ['userName' ] && $_POST ['password' ]) {
$conn =mysql_connect ("localhost" ,"root" ,"xxx" );
mysql_select_db ("passwords" ,$conn);
$test =mysql_result (mysql_query ("SELECT COUNT(*) FROM users WHERE userName='" .$_POST ['user' ]. "' AND password=MD5('" .$_POST ['password' ]. "')" ), 0);
if ( $test == 1) {
$userid =mysql_result (mysql_query ("SELECT id FROM users WHERE userName='" .$_POST ['user' ]. "' AND password=MD5('" .$_POST ['password' ]. "')" ), 0);
$_SESSION ['userid' ] = $userid ;
header ("cstdindex.html" );
}
else
{
mysql_close ($conn );
session_destroy ();
echo '<html>
<head>
<title>Login failed!</title>
</head>
<body>
Invalid login. Please try again <a href="cstdindex.html">here</a>
</body>
</html>';
}
?>
I also have this on every page:
<?php
session_start();
if (!$_SESSION['userid']){
session_destroy();}
?>
And the above and the following on the protected page:
<?
if (!_SESSION['userid']);{
header("Location:cstdindex.html");
}
?>
Thanks for any help.
Simple.Auth.MySQL parse error
Moderator: General Moderators
You're missing a '}' somewhere.
Code: Select all
.
.
.
.
<body>
Invalid login. Please try again <a href="cstdindex.html">here</a>
</body>
</html>';
}
} //<-- extra '}' here!
?>- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
I had a look through the code and aside from the missing brace there appeared to be a couple of other issues. I've posted my amended code below:
and the other included code:
and
Mac
Code: Select all
<?php
session_start();
$sessid = session_id();
// need to use $_SESSION not $_session
if (!empty($_SESSION['userid'])) {
header ('Location: cstdindex.html');
exit(); // prevent code executing after this point
}
if (!empty($_POST['submit']) && !empty($_POST['userName']) && !empty($_POST['password'])) {
// you should really have some error handling for you database connections
@$conn = mysql_connect('localhost', 'root', 'xxx') or die(mysql_error());
@mysql_select_db('passwords', $conn) or die(mysql_error());
// you can simplify the database query code somewhat
$sql = "SELECT id FROM users WHERE userName='" .$_POST['user']. "' AND password=MD5('" .$_POST['password']. "')";
$result = mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
if (mysql_num_rows($result) == 1) {
$row = mysql_fetch_assoc($result);
// there's no need to create a temporary $userid variable
// the result can be stored directly into the session
$_SESSION['userid'] = $row['id'];
// need to add Location: to this header as you had before
header ('Location: cstdindex.html');
exit();
} else {
mysql_close($conn);
session_destroy();
echo '<html>
<head>
<title>Login failed!</title>
</head>
<body>
Invalid login. Please try again <a href="cstdindex.html">here</a>
</body>
</html>';
}
} // closing brace was missing here
?>Code: Select all
<?php
session_start();
if (empty($_SESSION['userid'])) {
session_destroy();
}
?>Code: Select all
<?
// need $_SESSION not _SESSION
// remove semi-colon after if condition
if (empty($_SESSION['userid'])) {
header('Location: cstdindex.html');
}
?>