TSTRING PROBLEM! i come from sweden..

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ogge92
Forum Newbie
Posts: 1
Joined: Wed Feb 19, 2003 11:34 am

TSTRING PROBLEM! i come from sweden..

Post by ogge92 »

Before you read the other text:
i come from sweden so i may not write everything so good

The problem is that my code shows the message:
T_STRING in c:\program\easyphp\www\sidan\login\check.php on line 12

in this code:

Code: Select all

&#1111;php]<?php 
session_start(); 
$username=$_POST&#1111;'username']; 
$password=$_POST&#1111;'password']; 
$open = mysql_connect("localhost", "gefan", "gefan"); 
mysql_select_db("users", $open); 
$sql = "SELECT id FROM users WHERE username='$username' AND password='$password'"; 
$result = mysql_query($sql); 
if (mysql_num_rows($result) == 0) &#123; 
  header("Location: /sidan/login/wrong.php"); 
  exit; 
&#125; 
else &#123; 
$connect = mysql_connect("localhost", "imitt", lösenord"); 
mysql_select_db("users", $connect); 
mysql_query("UPDATE users SET senast=now(),antalbesok=antalbesok+1 WHERE username='$username'"); 
  $_SESSION&#1111;'id'] = mysql_result($result, 0); 
  $_SESSION&#1111;'username'] = $_POST&#1111;'username'];  
  header("Location: /sidan/start/index.php"); 
  exit; 
&#125; 
?>
?>&#1111;/php]
what is my problem?
?>
RedDragon
Forum Newbie
Posts: 7
Joined: Wed Feb 19, 2003 3:16 pm
Contact:

Post by RedDragon »

the only thing i could imagine would be that $password or $username contain invalid characters such as ' or " which would kill the query syntax:

example:

$username = "''John''";
$sql = "SELECT id FROM users WHERE username='$username'

this would be parsed as
$sql = "SELECT id FROM users WHERE username=''John'';
which is not valid syntax...


hope you understood me :P
User avatar
Stoker
Forum Regular
Posts: 782
Joined: Thu Jan 23, 2003 9:45 pm
Location: SWNY
Contact:

Post by Stoker »

its obveious; You're sweedish!
:wink: I'm Norwegian so it's mandatory to pick on sweedes.. :D

in
$connect = mysql_connect("localhost", "imitt", lösenord");
you are missing a quote before the password..
Post Reply