Page 1 of 1

help with an error

Posted: Sat Mar 26, 2005 12:35 pm
by Jeanco
Below is the code I use on my login script, the only variables sent from the form are userName and userPW. I get the error:

Parse error: parse error, unexpected $ in /home/jeanco/public_html/ITS/login.php on line 34

Line 34 is the very last line (?>). Any ideas?

Please note that I start the session on the header of the main template, this is the content area file.

Code: Select all

<?php 

define('MYSQL_HOST', 'localhost');
define('MYSQL_USER', 'myUser');
define('MYSQL_PASS', 'myPass');
define('MYSQL_DB', 'myDB');

if (! mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS) ) {
	die('Failed to connect to host "' . MYSQL_HOST . '".  Please contact webmaster at webmaster@jeanco.ca');
} else {
	mysql_select_db(MYSQL_DB) or die ("Invalid select: " . mysql_error());

$query = "SELECT * FROM Users WHERE userName = '".$_POST['userName']."' AND userPW = '".$_POST['userPW']."'";

$result = mysql_query($query) or die("Invalid query: " . mysql_error());

while ($row = mysql_fetch_array($result)) {
	echo "Username Entered: ".$_POST['userName']." <br>" .
		 "Password Entered: ".$_POST['userPW']." <br><br>";

	$_SESSION['userName'] = $row['userName'];
	$_SESSION['userPW'] = $row['userPW'];
	$_SESSION['module01'] = $row['module01'];
	$_SESSION['module02'] = $row['module02'];
	$_SESSION['module03'] = $row['module03'];
	$_SESSION['module04'] = $row['module04'];

	if ($_SESSION['module01'] == 1) { echo "User has access to Module #1 <br>"; }
	if ($_SESSION['module02'] == 1) { echo "User has access to Module #2 <br>"; }
	if ($_SESSION['module03'] == 1) { echo "User has access to Module #3 <br>"; }
	if ($_SESSION['module04'] == 1) { echo "User has access to Module #4 <br>"; }

}
?>

Posted: Sat Mar 26, 2005 12:50 pm
by evilmonkey
Logic question:

Are you expecting more than one person to have an identical username and password? If not, why are you using the while loop? Running the operation once should be enough. Remove the loop if you don't need it.

The error comes from you not closing one of your parantheses ( } ) for your else.

Good luck!

Posted: Sat Mar 26, 2005 1:01 pm
by feyd
also, be careful about using $_POST variables directly inside a sql query..