Page 1 of 1

[SOLVED] Gremlins in simple PHP auth script

Posted: Fri Jan 30, 2004 1:04 am
by voodoochylde
Decided to start messing around with PHP/MySQL...and it seems pretty sweet. Unfortunately, I can't even seem to get my frist script right and I've been working on it all day (chasing the aforementioned gremlins for the most part). This script is NOT meant to be a massively secure piece of work; rather it's simply to keep a couple of my g/f's friends out of the main content of the locally hosted (as in apache on localhost) site I'm doing for her...so it doesn't need to be anything too heavy. Also, this was done as an attempt to modify the script I've been working with as part of a tutorial I found.

Anyway, here we go, I suppose.

The specific error I receive when I try to load the file is "Parse error: parse error, unexpected $end in <directory>\ndex.php on line 52". I've checked and re-checked quotations (both double and single), braces, and parentheses. I'm lost...any help is VERY greatly appreciated.

Code: Select all

<?php

if ($submit) &#123;

	$db = mysql_connect("localhost", "root", "");
	mysql_select_db("DBname", $db);
$sql = "SELECT auth_level FROM user WHERE username = '$username' AND password = '$password' ";
	$result = mysql_query($sql) or die(mysql_error());
	while ($row = mysql_fetch_array($result)) &#123; 
		$auth_level = $row&#1111;"auth_level"];
	&#125;

// Retrieve the authorization level from the table
// where the username and password are equal to 
// the values submitted (simple Auth...just with
// permissions).

	if (!mysql_num_rows($result)) &#123;
	echo "Whoa!  Your credentials ain't no good here!  Why don't ya bug me or my girlfriend for a proper login?  Then again, you could just try again...with a correct password...";

	// just bitches at the user for not being logged in/properly authed

	&#125; else &#123;
    setcookie('username', $_POST&#1111;'username'], (time()+2592000), '/', '', 0); 
	setcookie('auth_level', $_POST&#1111;'auth_level'], (time()+2592000), '/', '', 0);
&#125;

//if credentials are good, set the cookie for both username and auth level

	if ($auth_level == "3") &#123;
		 header('Location: login.php');

	&#125;  elseif ($auth_level == "2") &#123;
		 header('Location: login.php');

	&#125; elseif ($auth_level == "1") &#123;
		 header('Location: login.php');
	&#125; elseif ($auth_level == "0") &#123;
		 header('Location: login.php');
	&#125;

 else &#123;
?>
<form method="POST" action="<?php echo $GLOBALS &#1111;'PHP_SELF'];?>">
Name: <input type="text" name="username"><br> 
Password: <input type="password" name="password"><br> 
<input type="submit" name="submit" value="Login">
</form>
<?php

&#125;
?>
Again, thanks in advance for any suggestions.

Posted: Fri Jan 30, 2004 2:02 am
by John Cartwright
Firstly, use the tags for php syntax plz

Posted: Fri Jan 30, 2004 4:41 am
by JayBird
you just missed out a curly brace mate, heres the code corrected

Code: Select all

<?php 

if ($submit) { 

   $db = mysql_connect("localhost", "root", ""); 
   mysql_select_db("DBname", $db); 
	$sql = "SELECT auth_level FROM user WHERE username = '$username' AND password = '$password' "; 
   $result = mysql_query($sql) or die(mysql_error()); 
   while ($row = mysql_fetch_array($result)) { 
      $auth_level = $row["auth_level"]; 
   } 

// Retrieve the authorization level from the table 
// where the username and password are equal to 
// the values submitted (simple Auth...just with 
// permissions). 

   if (!mysql_num_rows($result)) { 
   echo "Whoa!  Your credentials ain't no good here!  Why don't ya bug me or my girlfriend for a proper login?  Then again, you could just try again...with a correct password..."; 

   // just bitches at the user for not being logged in/properly authed 

   } else { 
    setcookie('username', $_POST['username'], (time()+2592000), '/', '', 0); 
   setcookie('auth_level', $_POST['auth_level'], (time()+2592000), '/', '', 0); 
   } 

//if credentials are good, set the cookie for both username and auth level 

   if ($auth_level == "3") { 
       header('Location: login.php'); 

   }  elseif ($auth_level == "2") { 
       header('Location: login.php'); 

   } elseif ($auth_level == "1") { 
       header('Location: login.php'); 
   } elseif ($auth_level == "0") { 
       header('Location: login.php'); 
   } 

} else { 
?> 
<form method="POST" action="<?php echo $GLOBALS ['PHP_SELF'];?>"> 
Name: <input type="text" name="username"><br> 
Password: <input type="password" name="password"><br> 
<input type="submit" name="submit" value="Login"> 
</form> 
<?php 

} 
?>
Mark

Posted: Fri Jan 30, 2004 9:33 am
by voodoochylde
Phenom, sorry; didn't see that option while I was frantically typing last night. Thanks for bringing that to my attention.

Bech100, you're absolutely right...I found it this morning after 6 hours of not looking at the code. As usual, I'd stared at it so long that I was missing small stuff like that. Thanks.