SQL User Verification
Posted: Sat Feb 28, 2009 3:16 pm
I wrote this php script to verify user information and hopefully set a session for them. The idea is that they enter their credentials on a login page which posts it to the next page of which contains the following code...this page will eventually contain forms and scripts for uploading documents. For now I'm just concerned with the basics. When I submit my credentials, it loads this page, but with a parse error at the very last line.(</html>). I have run through this page a dozen times and it's obvious I'm missing something in the php script(s) because the markup is fine. Can someone maybe take a look and give me a few pointers? Thanks for the help.(sorry for the mess):
Code: Select all
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script language='JavaScript'>
/* Used by PLCBM */
function PL_adjustPath(path) {
if ((path.charAt(0)=='/' || path.charAt(0)=='\\') && window.location.href.substr(0,5)== 'file:') path = 'localhost' + path;
return path;
}
</script>
<title>DeArmond and Associates Bankruptcy Firm</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<!-- **** layout stylesheet **** -->
<link rel="stylesheet" type="text/css" href="style/style.css" />
<!-- **** colour stylesheet **** -->
<link rel="stylesheet" type="text/css" href="style/colour.css" />
<style type="text/css">
<!--
#main #logo h1 strong {
color: #1B1B1B;
}
#main #logo h1 strong {
color: #F4F4F4;
}
-->
</style>
<script language='JavaScript'>document.write("<scr"+"ipt language='JavaScript' SRC='" + PL_adjustPath("/Pluginlab/Scripts/PL_cbmenu.js") + "'></scr"+"ipt>");/* Used by PLCBM */</script>
</head>
<body>
<!-- DO NOT MOVE! The following AllWebMenus linking code section must always be placed right AFTER the BODY tag-->
<!-- ******** BEGIN ALLWEBMENUS CODE FOR menu ******** -->
<script type="text/javascript">var MenuLinkedBy="AllWebMenus [4]",awmMenuName="menu",awmBN="762";awmAltUrl="";</script><script charset="UTF-8" src="menu.js" type="text/javascript"></script><script type="text/javascript">awmBuildMenu();</script>
<!-- ******** END ALLWEBMENUS CODE FOR menu ******** -->
<div id="main">
<div id="logo"><h1><strong>DeArmond and Associates</strong></h1></div>
<div id="menubar">
<ul id="menu">
</ul>
<div id="search">
<table cellspacing="0" style="border-collapse: collapse" width="250" id="AutoNumber1" height="69">
<tr><td background="style/menu.png" width="226" height="68" align="center">
<font face="Arial" size="1" color="#D5888F"><br>
<script type="text/javascript">
function goTo()
{
var url = document.forms[0].url.value;
var rurl = document.forms[0].rurl.value;
var query = document.forms[0].query.value;
window.location = url+'?query='+query+rurl;
return false;
}
</script>
<form action="" method="get" onsubmit="return goTo()"><input type="hidden" name="url" id="url" value="search.php">
<input type="hidden" name="rurl" id="rurl" value="&results=10&search=1">
<input type="text" name="query" id="query" size="20">
<input type="submit" value="Search">
</form></td></table>
</div>
</div>
<div id="site_content">
<div class="sidebar">
<div class="sidebaritem">
<h3>Navigation</h3>
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="faq.html" title="">FAQ</a></li>
<li><a href="login.php" title="">Login</a></li>
<li><a href="contactinfo.html" title="">Contact Info</a></li>
</ul>
</div>
<div class="sidebaritem">
<h3>Bankruptcy Law</h3>
<ul>
<li><a href="newlaw.html" title="">What changed?</a></li>
<li><a href="chapter7.html" title="">Chapter 7</a></li>
<li><a href="chap13.html" title="">Chapter 13</a></li>
</ul>
</div>
<div class="sidebaritem">
<h3>What's Next?</h3>
<ul>
<li><a href="servicesrendered.html" title="How We Can Help...">What can we do for you?</a></li>
<li><a href="requireditems.html" title="Required Items">Things we need from you first.</a></li>
</ul>
</div>
</div>
<div id="content"><h1>Client Login</h1>
<!-- **** INSERT PAGE CONTENT HERE **** -->
<?php
if (isset ($_POST['user_id']) && isset ($_POST['user_pass']))
{
$conn = mysql_connect("localhost","client","");
$user_id = $_POST['user_id'];
$user_pass = $_POST['user_pass'];
}
if (!$conn)
{
die('Could not connect: ' . mysql_error());
}
else
{
mysql_select_db("tbl_client_login", $conn);
$result = mysql_query("SELECT user_id,user_pass FROM tbl_client_login WHERE user_id=$user_id,user_pass=$user_pass);
$creds = mysql_fetch_array($result);
$verify = array('$user_id','$user_pass');
}
if (!$verify = $creds)
{
Echo <h1>Invalid Username or Password, Please try again.</h1>;
}
else
$_SESSION[logged_in]=1;
?>
<p>
</p>
</div>
</div>
</div>
<div id="footer"> DeArmond and Associates © 2009 | <a href="index.html">Login | </a><a href="mailto:info@XXXXX.com">E-mail</a>
</div>
</div>
</body>
</html>