timx1981

September 14, 2006

to all who were helping me with this problem I thank you, however I believe I have remedied the problem.

September 14, 2006

Ok. Let me take a step back here and explain what I am trying to accomplish. I have been doing tutorial after tutorial trying to come up with a semi-secure login script for my website. I found bits and pieces that I liked from multiple sources. I believe I have everything working so far minue the registration code, which is what I have been posting about. I did remove some code from it, but I will now post it in its entirety. I really do appreciate the help.

Thanks.

[code]<?
require_once($_SERVER['DOCUMENT_ROOT'].'/db_connect.php');

//SEE IF ALREADY LOGGED IN

if($_SESSION['logged_in'] == 1)
{
//REDIRECT TO HOMEPAGE
header('Location: http://' . $_SERVER['HTTP_HOST'] . '');
} else {

if(isset($HTTP_POST_VARS['submit']))
{

//BEGIN CHECKING USERNAME...

if(!$_POST['username']) die('Alert: username field was blank.');

//array of invalid characters
$junk = array('.', ',', '/', '`', ';', '[', ']', '-', '_', '*', '&', '^', '%', '$', '#', '@', '!', '~', '+', '(', ')', '|', '{', '}', '<', '>', '?', ':', '"', '=');
//starting lenght of username
$len = strlen($_POST['username']);

//replace invalid characters
$_POST['username'] = str_replace($junk, '', $_POST['username']);
$test = $_POST['username'];

//if lenghts are different ($len smaller), invalid characters found, so prompt error.
if(strlen($test) != $len) {
die('Username Error: Username contained invalid characters. You can only use A-Z, 0-9 and the

underscore (_).');
}

//Check if username already exists...

$q2 = mysql_query("SELECT * FROM `members` WHERE `username` = '".$_POST['username']."'");
$q3 = mysql_fetch_object($q2);

if($q3->username == $_POST['username']) {
die('<BR><BR>Sorry, but the username "'.$q3->username.'" is taken, please choose another.');
}

//PASSWORD

if(!$_POST['password']) {
die('Error: Password field was blank');
}
if(!$_POST['verify_password']) {
die('Error: Verify Password field was blank.');
}
if($_POST['password'] != $_POST['verify_password']) {
die('Error: The passwords do not match.');
}
if(strlen($_POST['password']) < 6 ) {
die('Error: Your password is too short. Must be 6 or more characters in length.');
}

//ADD NEW MEMBER

$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',

'".md5($_POST['password'])."', '".$_POST['email']."')";

$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());

echo('Registration Successful, Welcome new member! You can now login to your new account. <a href=\login.php\>Login</a>"');

} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6

characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>

</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>
[/code]

September 14, 2006

here is the entire piece of code. I really thought that the problem would have been withing the section I posted, but here is the rest of it.... Thanks for the reply. Please help if you are able.

<?
{

//BEGIN CHECKING USERNAME...

if(!$_POST['username']) die('Alert: username field was blank.');

//array of invalid characters
$junk = array('.', ',', '/', '`', ';', '[', ']', '-', '_', '*', '&', '^', '%', '$', '#', '@', '!', '~',

'+', '(', ')', '|', '{', '}', '<', '>', '?', ':', '"', '=');
//starting lenght of username
$len = strlen($_POST['username']);

//replace invalid characters
$_POST['username'] = str_replace($junk, '', $_POST['username']);
$test = $_POST['username'];

//if lenghts are different ($len smaller), invalid characters found, so prompt error.
if(strlen($test) != $len) {
die('Username Error: Username contained invalid characters. You can only use A-Z, 0-9 and the

underscore (_).');
}

//Check if username already exists...

$q2 = mysql_query("SELECT * FROM `members` WHERE `username` = '".$_POST['username']."'");
$q3 = mysql_fetch_object($q2);

if($q3->username == $_POST['username']) {
die('<BR><BR>Sorry, but the username "'.$q3->username.'" is taken, please choose another.');
}

//PASSWORD

if(!$_POST['password']) {
die('Error: Password field was blank');
}
if(!$_POST['verify_password']) {
die('Error: Verify Password field was blank.');
}
if($_POST['password'] != $_POST['verify_password']) {
die('Error: The passwords do not match.');
}
if(strlen($_POST['password']) < 6 ) {
die('Error: Your password is too short. Must be 6 or more characters in length.');
}

//ADD NEW MEMBER

$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',

'".md5($_POST['password'])."', '".$_POST['email']."')";

$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());

echo('Registration Successful, Welcome new member! You can now login to your new account. <a

href=\login.php\>Login</a>"');

} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6

characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>

</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>

September 14, 2006

Hi,
I am trying to learn php and have run into a snag. I am getting this error, "Parse error: syntax error, unexpected T_ELSE in /mounted-storage/home28a/sub002/sc25473-ELFX/www/register.php on line 60"
from the following code. If anyone can help me with this I would greatly appreciate it.
Thanks,

//ADD NEW MEMBER

$insert ="INSERT INTO `members` (username, user_password, user_email) VALUES ('".$_POST['username']."',

'".md5($_POST['password'])."', '".$_POST['email']."')";

$insert2 = mysql_query($insert);
if(!$insert2) die(mysql_error());

echo('Registration Successful, Welcome new member! You can now login to your new account. <a

href=\login.php\>Login</a>"');

} else {
?>
<table>
<form name="signup" action="<? $_SERVER['PHP_SELF']; ?>" method="POST">
<tr>
<td>Username: <BR> (only A-Z, 0-9 and _ Allowed)<BR></td>
<td><input type="text" id ="username" name="username" value="" maxlength="30"> <BR></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="" maxlength="30"><BR> (minimum 6

characters)</td>
</tr>
<tr>
<td>Verify Pass:</td>
<td><input type="password" id="verify_password" name="verify_password" value="" maxlength="30"><BR>

</td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" id="email" name="email" value="" size="30"><br></td>
</tr>
<tr>
<td>Click to Complete Signup:</td>
<td><input type="submit" id="submit" name="submit" value="submit"></td>
</tr>
</form>
</table>
<?
} //end not logged in
} //end submit not pressed
?>

Sign In

timx1981

Posts

Joined

Last visited

Content Type

Profiles

Forums

Posts posted by timx1981

Parse Error

Parse Error

Parse Error

Parse Error

Browse

Activity

Important Information