Help with php code please
Posted: Thu Aug 11, 2011 12:23 pm
Hi i'm having problems with this php code its coming up with an error message sayin that line 7 is a problem.
<?
/* Check User Script */
session_start(); // Start Session
include 'db.php';
// Conver to simple variables
$username = mysql_real_escape_string($_POST['username'];
$password = mysql_real_escape_string($_POST['password'];
if((!$username) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'login_form.html';
exit();
}
// Convert password to md5 hash
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );
}
// Register some session variables!
session_register('first_name');
$_SESSION['first_name'] = $first_name;
session_register('last_name');
$_SESSION['last_name'] = $last_name;
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('referred_by');
$_SESSION['referred_by'] = $referred_by;
session_register('referral_code');
$_SESSION['referral_code'] = $referral_code;
session_register('partypoker_username');
$_SESSION['partypoker_username'] = $partypoker_username;
session_register('special_user');
$_SESSION['user_level'] = $user_level;
mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
header("Location: login_success.php");
}
} else {
echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br />
Please try again!<br />";
include 'login_form.html';
}
?>
Can anyone help me please and tell me what i've done wrong. Thanks
Code: Select all
/* Check User Script */
session_start(); // Start Session
include 'db.php';
// Conver to simple variables
$username = mysql_real_escape_string($_POST['username'];
$password = mysql_real_escape_string($_POST['password'];
if((!$username) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'login_form.html';
exit();
}
// Convert password to md5 hash
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );
}
// Register some session variables!
session_register('first_name');
$_SESSION['first_name'] = $first_name;
session_register('last_name');
$_SESSION['last_name'] = $last_name;
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('referred_by');
$_SESSION['referred_by'] = $referred_by;
session_register('referral_code');
$_SESSION['referral_code'] = $referral_code;
session_register('partypoker_username');
$_SESSION['partypoker_username'] = $partypoker_username;
session_register('special_user');
$_SESSION['user_level'] = $user_level;
mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
header("Location: login_success.php");
}
} else {
echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br />
Please try again!<br />";
include 'login_form.html';
}
?>
Can anyone help me please and tell me what i've done wrong. Thanks