Parse error: parse error, unexpected $ login.php on line 61 < Its the last line

[cameeob2003]

Ok this is not like my last post but in a way is I cant find out which line in this script is causing me to get the error. There is no more to the script than what is seen here if anyone could help me that would be great.

Parse error: parse error, unexpected $ login.php on line 61

[code]
<?php
session_start();

header("Cache-control: private");

$user = $_POST['username'];
$pass = $_POST['password'];

include("db.php");

// Check to see if the user exists.

$sql_user_check = "SELECT * FROM users WHERE username='$user'";
$result_name_check = mysql_query($sql_user_check);
$userfound = mysql_num_rows($result_name_check);

// If the user is not found note that and end.
if($userfound < 1){
$error = "User $user was not found in the database.";

// If the user does exist continue with processing.
}else{
// Checking if password match.
$sql_pass_get = "SELECT * FROM users WHERE username='$user'";
$user_info = mysql_fetch_array(mysql_query($sql_pass_get));
$encryptpass = $user_info['encryptpass'];

// If password does not match then end.
if($encrytpass != md5($pass)){
$error = "Invalid Password. Try again.";

// If the passwords do match, let in and go to the session variables.
}else{
$_SESSION['userid'] = $user_info['userid'];
$_SESSION['first_name'] = $user_info['first_name'];
$_SESSION['last_name'] = $user_info['last_name'];
$_SESSION['username'] = $user_info['username'];
$_SESSION['password'] = $user_info['password'];
$_SESSION['encryptpass'] = $user_info['encryptpass'];
$_SESSION['email'] = $user_info['email'];
$_SESSION['location'] = $user_info['location'];
$_SESSION['steamid'] = $user_info['steamid'];
$_SESSION['handle'] = $user_info['handle'];
$_SESSION['bio'] = $user_info['bio'];
$_SESSION['photo'] = $user_info['photo'];
$_SESSION['team_name'] = $user_info['team_name'];
$_SESSION['team_tag'] = $user_info['team_tag'];
$_SESSION['access'] = $user_info['access'];
$_SESSION['webs'] = $user_info['webs'];
$_SESSION['priv_message'] = $user_info['priv_message'];
}

if(!$_SESSION['username']){
session_start();
header("Cache-control: private");
if(!$_SESSION['username']){
echo "<font id=UserPanelText />You are not logged in.";
exit();
}
include("index2.php");
?>[/code]

[Guest MikeAAAAA]

[code]
if(!$_SESSION['username']){
session_start();
header("Cache-control: private");
if(!$_SESSION['username']){
echo "<font id=UserPanelText />You are not logged in.";
exit();[b]}[/b]
}
[/code]

Your missing the 2nd }

[.josh]

you're actually missing 2 } the one mentioned and the one for the else that assigns values to all your session vars

[cameeob2003]

[code][code] // If the user is not found note that and end.
if($usersfound < 1){
$error = "User ".$user." was not found in the database.";[/code]

The above $error is what it keeps dipsplaying ^^

I know that that the user accounts Ive registered is there but it is not wanting to find it. Im not sure what ive done wrong. My mysql database is as follows:

[code]CREATE TABLE `users` (
  `userid` int(25) NOT NULL auto_increment,
  `first_name` varchar(25) NOT NULL default '',
  `last_name` varchar(25) NOT NULL default '',
  `username` varchar(25) NOT NULL default '',
  `password` varchar(20) NOT NULL default '',
  `encryptpass` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  `location` varchar(255) NOT NULL default '',
  `steamid` varchar(15) NOT NULL default '',
  `handle` varchar(25) NOT NULL default '',
  `bio` text NOT NULL,
  `photo` varchar(255) NOT NULL default 'nopic.jpg',
  `team_name` varchar(32) NOT NULL default '',
  `team_tag` varchar(17) NOT NULL default '',
  `access` varchar(25) NOT NULL default '0',
  `webs` varchar(255) NOT NULL default 'http://',
  `sign_update` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (`userid`),
  UNIQUE KEY `username` (`username`)
) TYPE=MyISAM AUTO_INCREMENT=1 ;[/code]

and my code for the login.php is this:

[code]<?php
session_start();

header("Cache-control: private");

$user = $_POST['username'];
$pass = $_POST['password'];

include("db.php");

// Check to see if the user exists.

$sql_user_check = "SELECT * FROM users WHERE username='$user'";
$result_name_check = mysql_query($sql_user_check);
$usersfound = mysql_num_rows($result_name_check);

// If the user is not found note that and end.
if($usersfound < 1){
$error = "User ".$user." was not found in the database.";

// If the user does exist continue with processing.
}else{
// Checking if password match.
$sql_pass_get = "SELECT * FROM users WHERE username='$user'";
$user_info = mysql_fetch_array(mysql_query($sql_pass_get));
$encryptpass = $user_info['encryptpass'];

// If password does not match then end.
if($encrytpass != md5($pass)){
$error = "Invalid Password. Try again.";

// If the passwords do match, let in and go to the session variables.
}else{
$_SESSION['userid'] = $user_info['userid'];
$_SESSION['first_name'] = $user_info['first_name'];
$_SESSION['last_name'] = $user_info['last_name'];
$_SESSION['username'] = $user_info['username'];
$_SESSION['password'] = $user_info['password'];
$_SESSION['encryptpass'] = $user_info['encryptpass'];
$_SESSION['email'] = $user_info['email'];
$_SESSION['location'] = $user_info['location'];
$_SESSION['steamid'] = $user_info['steamid'];
$_SESSION['handle'] = $user_info['handle'];
$_SESSION['bio'] = $user_info['bio'];
$_SESSION['photo'] = $user_info['photo'];
$_SESSION['team_name'] = $user_info['team_name'];
$_SESSION['team_tag'] = $user_info['team_tag'];
$_SESSION['access'] = $user_info['access'];
$_SESSION['webs'] = $user_info['webs'];
$_SESSION['priv_message'] = $user_info['priv_message'];
}
}

if(!$_SESSION['username']){
if($error){
echo $error;
include("index.php");
}else{
include("index2.php");
  }
    }else{
echo "<html><head><title>Welcomce Back</title></head>Welcome back ". $_SESSION['username'] .".<a href=index2.php>Click here</a> to proceed.";
}
?>[/code][/code]

[.josh]

change this:
[code]
$result_name_check = mysql_query($sql_user_check);
$usersfound = mysql_num_rows($result_name_check);
[/code]

to this:
[code]
$result_name_check = mysql_query($sql_user_check) or die(mysql_error());
$usersfound = mysql_num_rows($result_name_check) or die(mysql_error());
[/code]
and post if there is an error

[cameeob2003]

Replaced those lines and nothing was reported as an error. Im not quite sure if its my wording on the diff $variable lines or what that is breaking it somewere but i believe that all looks like it should process. So I am not sure what my problem with the script is.

[tomfmason]

I may be wrong(some what new to php) but I think that you have to define what you are going to SELECT from the data base. Here is a copy of what you have

[code]$sql_user_check = "SELECT * FROM users WHERE username='$user'";[/code]

and what it should be

[code]$sql_user_check = "SELECT username  FROM users WHERE username='$user'";[/code]

That is why it is returning user not found.

You should also change $sql_pass_get

Hope that helps

[cameeob2003]

The username change worked but when it gets to the lines:

[code]// Checking if password match.
$sql_pass_get = "SELECT encryptpass FROM users WHERE username='$user'";
$user_info = mysql_fetch_array(mysql_query($sql_pass_get));
$encryptpass = $user_info['encryptpass'];

    if($encrytpass != md5($pass)){
$error = "Invalid Password. Try again.";[/code]

I says that password is invalid even after I checked the password with mysql and it was correct.

[tomfmason]

I am not sure how to use md5 but I think that this code

[code]    if($encrytpass != md5($pass)){
$error = "Invalid Password. Try again.";[/code]

is saying that if $encryptpass  is encrypted then it passes the error

? I am not sure what to do. Maybe use this
[code]$sql_pass_get = "SELECT password FROM users WHERE username='$user'";[/code]

you should also change the corrisponding information. Try it and see what happens.

Also, when ever this is figured out  could you post your fixed login script, so that other people may use it as a reference

[cameeob2003]

I tryed that but with no success. Any other ideas?

[tomfmason]

I was about to give up...lol.
If this was one of the tutorials from here, I think that they leave simple syntax errors in the documents so that you will be forced to learn.

I think that this should fix your problem.
[code]$sql_pass_get = "SELECT encryptpass FROM users WHERE encryptpass='$pass'";[/code]

also if you used the membership tutorial  could you post your registration script. I am having some trouble with mine...lol

[cameeob2003]

Here is my full code working:

[code]<?php
session_start();

header("Cache-control: private");

$user = $_POST['username'];
$pass = $_POST['password'];

include("db.php");

// Check to see if the user exists.

$sql_user_check = "SELECT username FROM users WHERE username='$user'";
$result_name_check = mysql_query($sql_user_check) or die(mysql_error());
$usersfound = mysql_num_rows($result_name_check) or die(mysql_error());

// If the user is not found note that and end.
if($usersfound < 1){
$error = "User ".$user." was not found in the database.";

$user = $_POST['username'];
$pass = md5($_POST['password']);
$sql = "select * from users where `username` = '$user'";
$result = mysql_query($sql);
while ($text = mysql_fetch_array($result)) {
$id = $text['id'];
$password = $text['encrytpass'];
$access = $text['access'];
}
if ($pass == $password) {
$error = "Wrong Username / Password <a href=\"?act=login\">Back</a>";

// If the passwords do match, let in and go to the session variables.
}else{
$_SESSION['userid'] = $user_info['userid'];
$_SESSION['first_name'] = $user_info['first_name'];
$_SESSION['last_name'] = $user_info['last_name'];
$_SESSION['username'] = $user_info['username'];
$_SESSION['password'] = $user_info['password'];
$_SESSION['encryptpass'] = $user_info['encryptpass'];
$_SESSION['email'] = $user_info['email'];
$_SESSION['location'] = $user_info['location'];
$_SESSION['steamid'] = $user_info['steamid'];
$_SESSION['handle'] = $user_info['handle'];
$_SESSION['bio'] = $user_info['bio'];
$_SESSION['photo'] = $user_info['photo'];
$_SESSION['team_name'] = $user_info['team_name'];
$_SESSION['team_tag'] = $user_info['team_tag'];
$_SESSION['access'] = $user_info['access'];
$_SESSION['webs'] = $user_info['webs'];
$_SESSION['priv_message'] = $user_info['priv_message'];
}
}

if(!$_SESSION['username']){
if($error){
echo $error;
include("index.php");
}else{
echo "You are logged in.";
include("index2.php");
  }
    }else{
echo "<html><head><title>Welcomce Back</title></head>Welcome back ". $_SESSION['username'] .".<a href=index2.php>Click here</a> to proceed.";
}
?>[/code]

As far as I know it works but how do I get it to check if all the $_SESSION[''];'s registered? And are working cuz when I use the start_session(); command it gives me an error saying that Im not logged in even though my login script has authed me. Is there something I need to do to keep the session open on a new page besides what I did in the following code.

[code]<?php

session_start();
header("Cache-control: private");
if(!$_SESSION['username']){
echo "<font id=UserPanelText />You are not logged in.";
exit();
}

$newpms = $_SESSION['priv_messages'];

echo "You are logged in as:". $_SESSION['username'] ."<br/><br/>";

if($newpms > "0"){
echo "<a href=?page=newpmessage=$id>Unread Messages</a> (". $newpms .")<br/>";
}else{
echo "<font id=UserPanelText />No unread messages. --<a href=?page=pmessages=$id>Mailbox</a><br/><font id=UserPanelText /><a href=?page=user_panel>User Panel</a><br/>";
}
?>[/code]

[tomfmason]

I am not sure.  It may have something to do with the size of your session variables.
I will do some reasearch for you. If you can will you post your register script. I am having some trouble with mine and would like to compare it to one that works.

[cameeob2003]

Here is my register script pretty simple.

register.php

[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>n2p - Nothing to Prove</title>

<meta name="copyright" content="Copyright by psyche Design - All rights reserved." />
<meta name="page-type" content="Info" />
<link rel="stylesheet" href="n2p.css" type="text/css" />

<?php
# include mysql connection script
include 'db.php';

# Grab the post variables from the PHP form
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$username = $_POST['username'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$bio = $_POST['bio'];


# Make sure passwords match
if ($_POST['pass1'] == $_POST['pass2']){
      $password = TRUE;
    } else {
      $password = FALSE;
      echo '<p>Your password did not match the confirmed password!</p>';
  }
$legit = ereg("^[a-zA-Z0-9]{8,15}$", $pass1);
if(!legit){
$error = "Your password was to long or in the wrong format. Please make your password between 8-15 characters long and only contain numbers and letters.";
}

# Checking for anything that could cause errors
$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$email = stripslashes($email);
$username = stripslashes($username);
$pass1 = stripslashes($pass1);
$pass2 = stripslashes($pass2);
$bio = stripslashes($bio);

# Any errors in the posted fields? Lets check...
if((!$first_name) || (!$last_name) || (!$email) || (!$username) || (!$pass1) || (!$pass2)){
echo 'You did not submit the following required information! <br/>';
if(!$first_name){
echo '<font id=UserNameRed />First name <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$last_name){
echo '<font id=UserNameRed />Last name <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$email){
echo '<font id=UserNameRed />Email address <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$username){
echo '<font id=UserNameRed />Username <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$pass1){
echo '<font id=UserNameRed />Password <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
if(!$pass2){
echo '<font id=UserNameRed />Password(again) <font id=UserPanelText />is a required field. Please enter it below. <br/>';
}
include("register_form.html");
exit();
}

# does this username already exist in the database? lets check for that now...
$sql_email_check = mysql_query("SELECT email FROM users WHERE email='$email'");
$sql_username_check = mysql_query("SELECT username FROM users username='$username'");

$email_check = mysql_num_rows($sql_email_check);
$username_check = mysql_num_rows($sql_username_check);

if(($email_check > 0) || ($username_check > 0)){
echo 'Please fix the following errors: <br/>';
if($email_check > 0){
echo '<strong>Your email address has already been used by another member in our database. Please use a different Email address!<br/>';
unset($email);
}
if($username_check > 0){
echo 'The username you have selected has already been used by another member in our database. Please choose a different Username!<br/>';
unset($username);
}
include("register_form.html"); // Show form again
exit();
}

# everything checks out so far, so lets add the user!

$db_password = md5($pass1);

# Enter into database

$bio2 = htmlspecialchars($bio);
$sql = mysql_query("INSERT INTO users (first_name, last_name, email, username, password, encryptpass, bio) VALUES ('$first_name','$last_name','$email','$username','$pass1','$$db_password','$bio2')") or die (mysql_error());

if(!$sql){
echo 'There has been an error creating your account. Please contact the webmaster.';
}else{
echo 'Your account has been successfully registered. You may now login.';
}

?>
</head>
</html>[/code]

[tomfmason]

your register script makes no metion of md5. That could have been one of your orginal problems.

Now as for the issues with sessions, I would make another post and explain in detail what is happening.

[cameeob2003]

I make the mention of conversion here in line 96:

[code]# everything checks out so far, so lets add the user!

$db_password = md5($pass1);[/code]