Mysql Update error

[fierdor]

I am trying to develop an online quiz.Here I am trying to update the level of a user in the database when he enters the correct answer so that i can use it for a scoreboard.I have a Login page.I have copied the login script from some site.Is it necessary to "integrate" my page with the login page for the session to continue?My database is working fine with the login entries being updated there.

 

When i try this code i get the following error:

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\xampp\htdocs\Myst\welcome.php on line 21

<?php
if(isset($_POST['name'])&&isset($_SESSION[username]))
{
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("myst", $con);

$result = mysql_query("SELECT * FROM answers
WHERE level='1'");
while($row = mysql_fetch_array($result))
  {
  $a=$row['answer'];
  $b=$_POST['name'];
  if($a==$b)
{
mysql_query("UPDATE users SET level = '2'
WHERE username =$_SESSION['username']");
header("Location:http://localhost/myst/welcome1.php");
exit;
}

else
{
header("Location:http://localhost/myst/welcome.php");
exit;
}
}
}
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>"> 
Name: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
</body>
</html>

 

P.S:Line 21 is:mysql_query("UPDATE users SET level = '2'

WHERE username =$_SESSION['username']");

 

 

I am new to PHP..So the mistake could be really silly!!

[champoi]

uhmm, dont do this:

 

mysql_query("UPDATE users SET level = '2'
WHERE username =$_SESSION['username']");

 

do this instead,

 

mysql_query("UPDATE users SET level = '2' WHERE username =$_SESSION['username']");

[fierdor]

No luck...and by the way what did you change??Bcoz the code still looks the same to me...

 

[champoi]

mysql queries are strict when it comes to white spaces, a double space may not let your query work, sometimes without even sending an error,

[Mad Mick]

Seems that mysql_query wont accept array elements ie $array['key'].  There is probably a better way but i tend to use:

 

$username=$_SESSION['username'};
mysql_query("UPDATE users SET level='2' WHERE username='$username'");

 

Shouldn't need to worry about too many white spaces or carriage returns - often people put extra in to display the sql clearly.

 

 

[T Horton]

Hi there

 

The problem is on this line:

 

WHERE username =$_SESSION['username']");

 

What you will need to do is to declare the username string as a variable elsewhere, so your code would look something like this:

 

<?php
if(isset($_POST['name'])&&isset($_SESSION[username]))
{
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("myst", $con);

$result = mysql_query("SELECT * FROM answers
WHERE level='1'");
while($row = mysql_fetch_array($result))
  {
  $a=$row['answer'];
  $b=$_POST['name'];
  if($a==$b)
{
$username = $_SESSION['username'];
mysql_query("UPDATE users SET level = '2'
WHERE username ='$username'");
header("Location:http://localhost/myst/welcome1.php");
exit;
}

else
{
header("Location:http://localhost/myst/welcome.php");
exit;
}
}
}
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Name: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
</body>
</html>

 

Hopefully this should work for you.

 

 

 

Tom

[champoi]

try this:

 

mysql_query("UPDATE users SET level = '2' WHERE username='".$_SESSION['username']."'");

take note that username='". are a single quote, a double quote and a period

[fierdor]

Ok that problem apparently is solved(Coz i get no error)

But now even if i enter the right answer i get back to the same page whereas i should be going to welcome1.php..

Any ideas where the problem is?

That means the "else' loop is being executed even though the "if" condition is true...

Is it sumthg related to the header which says nothing should be posted before the "header" function??

[fierdor]

Ok the problem seems to be in the session...after i login the session starts..But when i go to welcome.php the session is terminated....Maybe there is a problem in the integration of login and welcome...Shouldnt have copied the loginscript 

I tested the session with this script

<?php
if(isset($_SESSION[username]))
{
echo "Session On";
if(isset($_POST['name'])&&isset($_SESSION[username]))
{
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("myst", $con);

$result = mysql_query("SELECT * FROM answers
WHERE level='1'");
while($row = mysql_fetch_array($result))
  {
  $a=$row['answer'];
  $b=$_POST['name'];
  if($a==$b)
{
mysql_query("UPDATE users SET level = '2' WHERE username='".$_SESSION['username']."'");header("Location:http://localhost/myst/welcome1.php");
exit;
}

else
{
header("Location:http://localhost/myst/welcome.php");
exit;
}
}
}
}
else
echo "Session Off";
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Name: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
</body>
</html>

 

The output is Session Off

 

[T Horton]

Hi

 

You are remembering to put:

 

session_start();

 

... at the beginning aren't you?

 

I can't see it in your code you have pasted. :S

 

 

 

Tom

[fierdor]

ya figured dat out...

Thx a lot!!!

But now one more error.You all must be hardly surprised by now!!

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\Myst\welcome.php:5) in C:\xampp\htdocs\Myst\welcome.php on line 24

it is to do with that header stuff...Ne oder way of forwarding the page?

[T Horton]

It is basically because you have probably refreshed the submitted page so many times it is storing the information from before.

 

Normally I find that when I get that message, going back to the first page, or closing the browser and starting on the homepage or first page again, that will disappear, as any sessions used previously will be lost.

 

Hope this helps.

[Mad Mick]

Get rid of the echo statements.

[fierdor]

Getting rid of the echo statements helped.It is working now...But shouldnt it work even with the echo statements because the header is in another loop??

[Mad Mick]

if $_SESSION['username'] is set then the first command is echo "Session On".  If you use header() at any point after this you will get an error. 

[fierdor]

Now basically what i want to do is check if a user has actually passed level (n-1) before he goes to level n.(So that a URL leak does not take them like 10 levels higher).

Warning: mysql_query() [function.mysql-query]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\xampp\htdocs\Myst\welcome1.php on line 5

 

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\xampp\htdocs\Myst\welcome1.php on line 5

 

 

<?php
session_start();
if(isset($_POST['name'])&&isset($_SESSION['username'])) {
$username=$_SESSION['username'];
$x=mysql_query("SELECT level FROM users WHERE username='$username'");
if ($x==2)
{
$con = mysql_connect("localhost","root","");
if (!$con)
  	{
  	die('Could not connect: ' . mysql_error());
  	}

mysql_select_db("myst",$con);

$result = mysql_query("SELECT * FROM answers
WHERE level='2'");
while($row = mysql_fetch_array($result))
  	{
  	$a=$row['answer'];
  	$b=$_POST['name'];
  		if($a==$b)
	{
	header("Location:http://localhost/myst/welcome2.php");
	exit;
	}

	else
	{
	header("Location:http://localhost/myst/welcome1.php");
	exit;
	}
}
}
}
else
header("Location:http://localhost/myst/welcome.php");
?>
<html>
<body>
<form method="post" action="<?php echo $PHP_SELF;?>"> 
Name: <input type="text" name="name" />
<input type="submit" />
</form>
</body>
</html>

 

 

Is there a better way in which i can achieve this??

[fierdor]

Does the error mean that there is no connection between server and database?

Because now my register.php(Registration),welcome.php is also failing.

Thanks all!!

 

[Mad Mick]

You are trying to do a query before you have connected to the server.  The mysql_connect has to be done before you do any mysql_query commands.

[fierdor]

My problem is still not solved.

I have two pages welcome and welcome1.

in welcome i update the level of a user in database if he has the correct answer.

in welcome1 i check whether the user's level is 2 in the database before loading the page.

Otherwise i direct him back to welcome.

Rather alll this is what i want to do!!

but it is not happening.

the problem seems to be in welcome1 because when i remove the levelcheck in welcome1 things work fine.

any pointers??

or is der a more refined way in which i can do this??

 

My codes:

welcome.php

<?php
session_start();
include("database.php");
include("auth.php");
if(isset($_POST['name']))
{
$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("myst", $con);

$result = mysql_query("SELECT * FROM answers
WHERE level='1'");
while($row = mysql_fetch_array($result))
  {
  $a=$row['answer'];
  $b=$_POST['name'];
  if($a==$b)
{
$username = $_SESSION['SESS_MEMBER_ID'] ;
mysql_query("UPDATE members SET level = '2'
WHERE member_id ='$username'");

header("Location:http://localhost/myst/welcome1.php");
exit;
}

else
{
header("Location:http://localhost/myst/welcome.php");
exit;
}
}
}
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Name: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
</body>
</html>

 

 

welcome1.php:

<?php
session_start();
include("database.php");
include("auth.php");
$username=$_SESSION['SESS_MEMBER_ID'];
$x=mysql_query("SELECT level FROM members WHERE member_id='$username'");
if ($x==2)
{
if(isset($_POST['name'])) 
{

$con = mysql_connect("localhost","root","");
if (!$con)
  	{
  	die('Could not connect: ' . mysql_error());
  	}

mysql_select_db("myst",$con);

$result = mysql_query("SELECT * FROM answers
WHERE level='2'");
while($row = mysql_fetch_array($result))
  	{
  	$a=$row['answer'];
  	$b=$_POST['name'];
  		if($a==$b)
	{
	header("Location:http://localhost/myst/welcome2.php");
	exit;
	}

	else
	{
	header("Location:http://localhost/myst/welcome1.php");
	exit;
	}
}
}
?>
<html>
<body>
<form method="post" action="<?php echo $PHP_SELF;?>"> 
Name: <input type="text" name="name" />
<input type="submit" />
</form>
</body>
</html>
<?
}
else
header("Location:welcome.php");
?>

 

 

When i type in the right answer in welcome i get the same page again meaning the else loop is being executed in welcome1.

Thanks in advance!

[Yesideez]

Just for information this works:

$x=mysql_query("SELECT level FROM members WHERE member_id='".$_SESSION['SESS_MEMBER_ID']."'");

[fierdor]

ya but that is not the cause of the error...newayz thx for it!!

[Yesideez]

I can't stress how much INDENTING code will make things a lot easier for you to read and debug code.

 

<?php
  session_start();
  include("database.php");
  include("auth.php");
  if(isset($_POST['name'])) {
    $con = mysql_connect("localhost","root","");
    if (!$con) {
      die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("myst", $con);

    $result = mysql_query("SELECT * FROM answers WHERE level='1'");
    while($row = mysql_fetch_array($result)) {
      $a=$row['answer'];
      $b=$_POST['name'];
      if($a==$b) {
        $username = $_SESSION['SESS_MEMBER_ID'] ;
        mysql_query("UPDATE members SET level = '2' WHERE member_id ='$username'");

        header("Location:http://localhost/myst/welcome1.php");
        exit;
      } else {
        header("Location:http://localhost/myst/welcome.php");
        exit;
      }
    }
  }
?>
<html>
<body>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
Name: <input type="text" name="name" />
<input type="submit" value="Submit" />
</form>
</body>
</html>

[Yesideez]

...and finally welcome1.php:

 

<?php
  session_start();
  include("database.php");
  include("auth.php");
  $username=$_SESSION['SESS_MEMBER_ID'];
  $x=mysql_query("SELECT level FROM members WHERE member_id='$username'");
  if ($x==2) {
    if(isset($_POST['name'])) {

      $con = mysql_connect("localhost","root","");
      if (!$con) {
        die('Could not connect: ' . mysql_error());
      }

      mysql_select_db("myst",$con);

      $result = mysql_query("SELECT * FROM answers WHERE level='2'");
      while ($row = mysql_fetch_array($result)) {
        $a=$row['answer'];
        $b=$_POST['name'];
        if ($a==$b) {
          header("Location:http://localhost/myst/welcome2.php");
          exit;
        } else {
          header("Location:http://localhost/myst/welcome1.php");
          exit;
        }
      }
    }
?>
<html>
<body>
<form method="post" action="<?php echo $PHP_SELF;?>">
Name: <input type="text" name="name" />
<input type="submit" />
</form>
</body>
</html>
<?php
  } else {
    header("Location:welcome.php");
  }
?>

[fierdor]

hey thanks so much for the effort u put in to indent the code!!i will remember dat nw!

But sadly dat doesnt seem to solve the problem..Cud it be a logical bug somewhere?

[Flames]

MySQL topic...