I'm trying to create a php-based membership program. So far, it's not going so well. I hate to dump my problems on some unwilling coder passerby, but I can't help wanting to finish what I started. Here's my
I keep getting this error:
| Code: |
Parse error: parse error, unexpected T_LNUMBER, expecting ',' or ';' in /home/ddukki/public_html/register02.php on line 24
|
code:
register01.php
| Code: |
<html>
<head>
<title>Registering Test</title>
</head>
<body>
Register here :
<form action="/register02.php" method="post">
First Name<font color="0000ff">*</font>: <input type="text" name="firstname" maxlength="10"><br>
<font size="1">No longer than 10 characters</font><br>
Last Name<font color="0000ff">*</font>: <input type="text" name="lastname" maxlength="20"><br>
<font size="1">No longer than 20 characters</font><br>
Username<font color="0000ff">*</font>: <input type="text" name="username" maxlength="10"><br>
<font size="1">No longer than 10 characters</font><br>
Password<font color="0000ff">*</font>: <input type="password" name="password1" maxlength="7"><br>
<font size="1">No longer than 7 characters</font><br>
Enter Password Again<font color="0000ff">*</font>:<input type="password" name="password2" maxlength="7"><br>
<font size="1">Use the exact same password as above</font><br>
Email (Optional): <input type="text" name="email" maxlength="30"><br>
<font size="1">No longer than 30 characters</font><br>
<input type="submit" value="submit">
<font size="1">An "<font color="0000ff">*</font>" indicates a required field.</font>
</body>
</html> |
register02.php
| Code: |
<html>
<head>
<title>Login Test</title>
</head>
<body>
<?php
require_once 'db_connect.php';
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$username=$_POST['username'];
$password1=$_POST['password1'];
$password2=$_POST['password2'];
$email=$_POST['email'];
if ($password1 == $password2) {
echo 'Login Complete<br>Username: '.$username.'<br>Password: '.$password1.'<br>Email: '.$email;}
else {echo 'The two passwords you entered did not match.';
include 'register01.html';
exit();}
if((!$password1 && !$password2) || ($password1 != $password2) || (!$first_name) || (!$last_name) || (!$email_address) || (!$username) || (!$password1)) {
echo 'You did not submit the following required information!<br>';
if(!$password1 && !$password2) {
echo "You must enter in a <font color="0000ff">Password</font>.<br>";}
if($password1 != $password2) {
echo "The two passwords you entered did not match. Enter in two identical <font color="0000ff">Passwords</font>.<br>";}
if(!$firstname) {
echo "You must enter your <font color="0000ff">First Name</font>.<br>";}
if(!$lastname) {
echo "You must enter your <font color="0000ff">Last Name</font>.<br>";}
if(!$email) {
echo "You must enter your <font color="0000ff">Email</font>.<br>";}
if(!$username) {
echo "You must enter your <font color="0000ff">Username</font>.<br>";}
if(!$password) {
echo "You must enter in a <font color="0000ff">Password</font>.<br>";}
include 'register01.html';
exit();}
$sql_email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);
if(($email_check > 0) || ($username_check > 0)){
echo "Please fix the following errors: <br>";
if($email_check > 0){
echo "<strong>Your email address has already been used by another member in our database. Please submit a different Email address!<br>";
unset($email_address);}
if($username_check > 0){
echo "The username you have selected has already been used by another member in our database. Please choose a different Username!<br>";
unset($username);}
include 'register01.html';
exit();}
?>
</body>
</html> |
Thanks a whole bunch in advanced.[/code] very simple but still took me a while to work out. I do love dreamweavers colours. Pointed out the problem immediatly! 
It's all about double quotes. Your escaping them when you have your font tag
<font color="0000ff">
simply change to
<font color=\"0000ff\">
and that should work
working register02.php
| Code: |
<html>
<head>
<title>Login Test</title>
</head>
<body>
<?php
require_once 'db_connect.php';
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$username=$_POST['username'];
$password1=$_POST['password1'];
$password2=$_POST['password2'];
$email=$_POST['email'];
if ($password1 == $password2) {
echo 'Login Complete<br>Username: '.$username.'<br>Password: '.$password1.'<br>Email: '.$email;}
else {echo 'The two passwords you entered did not match.';
include 'register01.html';
exit();}
if((!$password1 && !$password2) || ($password1 != $password2) || (!$first_name) || (!$last_name) || (!$email_address) || (!$username) || (!$password1)) {
echo 'You did not submit the following required information!<br>';
if(!$password1 && !$password2) {
echo "You must enter in a <font color=\"0000ff\">Password</font>.<br>";}
if($password1 != $password2) {
echo "The two passwords you entered did not match. Enter in two identical <font color=\"0000ff\">Passwords</font>.<br>";}
if(!$firstname) {
echo "You must enter your <font color=\"0000ff\">First Name</font>.<br>";}
if(!$lastname) {
echo "You must enter your <font color=\"0000ff\">Last Name</font>.<br>";}
if(!$email) {
echo "You must enter your <font color=\"0000ff\">Email</font>.<br>";}
if(!$username) {
echo "You must enter your <font color=\"0000ff\">Username</font>.<br>";}
if(!$password) {
echo "You must enter in a <font color=\"0000ff\">Password</font>.<br>";}
include 'register01.html';
exit();}
$sql_email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$sql_username_check = mysql_query("SELECT username FROM users WHERE username='$username'");
$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);
if(($email_check > 0) || ($username_check > 0)){
echo "Please fix the following errors: <br>";
if($email_check > 0){
echo "<strong>Your email address has already been used by another member in our database. Please submit a different Email address!<br>";
unset($email_address);}
if($username_check > 0){
echo "The username you have selected has already been used by another member in our database. Please choose a different Username!<br>";
unset($username);}
include 'register01.html';
exit();}
?>
</body>
</html> |
Yeah, I love the dreamweaver colors too. Indeed very helpful!
In fact, I just got Studio 8 today! (Though I did previously have MX 2004)
Thank you so much! You saved me from utter ... annoyance! Thanks again and happy holidays, mathiaus
I Think will be better to clear GET information in register2.php for security reasons. Just add Once again it's acting up, but this time, it's the actual login sequence.
| Code: |
Parse error: parse error, unexpected $ in /home/ddukki/public_html/logon.php on line 40
|
But on line 40 of the code is the "?>" ending bracket.
| Code: |
<?php
session_start();
include 'db_connect.php';
$username = $_POST['username'];
$password = $_POST['password'];
if((!$username) || (!$password)) {
if(!$username) {
echo "You must enter a Username.<br>";};
if(!$password) {
echo "You must enter a Password.<br>";};
include 'login.html';
exit();}
$password = md5($password);
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password = '$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );}
session_register('id');
$_SESSION['id'] = $id;
session_register('username');
$_SESSION['username'] = $username;
session_register('firstname');
$_SESSION['firstname'] = $firstname;
session_register('lastname');
$_SESSION['lastname'] = $lastname;
session_register('email');
$_SESSION['email'] = $email;
session_register('level');
$_SESSION['level'] = $level;
mysql_query("UPDATE users SET lastlogin=now() WHERE id = '$id');
header('Location: login_success.php');}
} else {
echo 'Login was unsuccessful. Please try again.<hr>';
include 'login.php';}
?> |
Dreamweaver to the rescue again
you forgot a " on this line (35)
| Quote: |
| mysql_query("UPDATE users SET lastlogin=now() WHERE id = '$id'"); |
Last edited by mathiaus on Fri Dec 23, 2005 8:05 pm; edited 1 time in total | mathiaus wrote: |
Dreamweaver to the rescue again
you forgot a " on this line (35)
| Quote: | | mysql_query("UPDATE users SET lastlogin=now() WHERE id = '$id')"; |
|
That should be
| Code: |
| mysql_query("UPDATE users SET lastlogin=now() WHERE id = '$id'"); |
the quote goes inside the close bracket 
True! Thanks for the correction. Thats what I get for trying to rush and get things done quickly! Once again, THANK YOU!!! Now there's something wrong with the database that I'll have to figure out. Thanks again, you two!
[EDIT]
Um ... 
... there's something else. Now it's telling me that something is wrong with this arguement:
| Code: |
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password = '$password'");
$login_check = mysql_num_rows($sql);
|
This is within the same file as above. The error reads as follows:
| Code: |
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/ddukki/public_html/logon.php on line 17
Login was unsuccessful. Please try again. |
Have you got anything in your database? if not that will show
Yes, I definitely have something in the database from registration. The error message still comes up, even after optimizing the table.
| ddukki wrote: |
| Yes, I definitely have something in the database from registration. The error message still comes up, even after optimizing the table. |
The error is coming up because there are no results returned for your query. Could be that either your username or password variables are empty/incorrect or something similar. Either way, your query isnt returning any results (ie is an incorrect login) and you will need to allow for this in your code.
btw, you'll need to run your username and password strings (and anything else you collect from a user) through a make safe function to protect against SQL injections:
| Code: |
function make_safe($variable) {
$variable = addslashes(trim($variable));
return $variable;
} |
Also, this is a slightly more efficient way to query the table:
| Code: |
| $sql = mysql_query("SELECT id FROM users WHERE username='$username' AND password = '$password'"); |
Last edited by JustaMin on Sat Dec 24, 2005 3:12 am; edited 3 times in totalOkay, I guess I'll have to dig into some reference books to find out how to do that. But the slashes thing, I have a code to get rid of them inside the code:
| Code: |
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$$key = stripslashes( $val );} |
[EDIT]
I'm an idiot. I named the table something totally different from what I put in the code. That's what I get for using a tutorial, eh? Thanks for putting up with me for these last 24 hours!
