Jump to content

PHP Error

bravo14

By bravo14
in PHP Coding Help

 Share

Recommended Posts

bravo14 Advanced Member

bravo14

Posted
Posted

I have the following erorr when I access a page, I cannot see an error, but I may be blind to it all

 

Parse error: syntax error, unexpected $end in /home/sites/bravo14.co.uk/public_html/quantumphones/login.php on line 153

 

<?php 
session_start();
if($_POST[submit]=1)
{
  foreach ($_POST as $key => $val) {
   $$key = mysql_real_escape_string($val);

include_once('includes/connector.php');
//is the email already registered?
$user =mysql_query('SELECT email FROM `tbl_customers` WHERE email=$email');
if(mysql_num_rows($user) > 0) //login name was found
{ 
//is the password correct
$password = mysql_query('SELECT email FROM `tbl_customers` WHERE email=$email and password=md5("$password")');
if(mysql_num_rows($password) > 0)//password is correct
{
	   $_SESSION['auth']="yes";                    
           $logname=$email; 
           $_SESSION['logname'] = $logname;            
  		   header("Location:account/index.php");
  }
  else //password is incorrect
  {
  			$message="The email, '$email' 
                     exists, but you have not entered the 
                     correct password! Please try again.<br>";
   }
   }
        elseif ($user == 0)  // email not found       
	{   
        $message = "The Login Name you entered does not 
                    exist! Please try again.<br>";
      }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Quantum Phones</title>
<?php
include_once ('includes/meta.php');
?>

<script language="javascript">
<script language="javascript">
function popupwin()
winpopup=window.Open('','popup','height=500,width=400,menubar=no,scrollbars=vertical,status=no,toolbar=no,screenX=100,screenY=0,left=100,top=0');
}
</script>
function checkform()

var message="";//blank error message string

//Test email length
if (document.login.email.value.length==0)
{
message=message+"Please enter the registered email address\n";}
//Test the password
if (document.login.password.value.length==0)
{
message=message+"Please enter your password";}
if(message.length > 0)
{//is there an error message?
alert(message);//displays error message
return false;//return bad, not ok to process
}
else{
return true;//no error message
}
}
</script>

<link href="style/shop.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div align="center">
<div id="body">
<p> </p>
<div id="header">
<div id="navicons"><img src="images/contact.png" alt="Contact Us"/><img src="images/login.png" alt="Register/Login" /><img src="images/cart.png" alt="View your Cart" /></div>
</div><!--header -->
<div id="leftnav">
<ul>
<li></li>  
<li></li>
<li><b>By category</b></li>
<?php 
include('includes/connector.php'); 
$result = mysql_query('SELECT * FROM `tbl_category`', $dbConn) or die(mysql_error());
if(mysql_num_rows($result) < 1) 
{ 

   echo('Sorry, no results were found.'); 
} 
else 
{ 
   while($row = mysql_fetch_array($result))
    {
echo ('<li><a href="productlist.php?cat_id='.$row[cat_id].'">'.$row[cat_name].'</a></li>');
}
}
?>
<li><b>By Manufacturer</b></li>
<?php 
include('includes/connector.php'); 
$result = mysql_query('SELECT * FROM `tbl_makes`', $dbConn) or die(mysql_error());
if(mysql_num_rows($result) < 1) 
{ 

   echo('Sorry, no results were found.'); 
} 
else 
{ 
   while($row = mysql_fetch_array($result))
    {
echo ('<li><a href="makes.php?cat_id='.$row[make_id].'">'.$row[make].'</a></li>');
}
}
?>
</ul>
</div>
<div id="content">
  <h2>Login to Your Account</h2>
  <form name="login" method="post" action="login.php" onsubmit="return checkform()">
  <table>
<?php                                                  
            if (isset($message))
            {
               echo "<tr><td style='color: red' 
                 colspan='2' align='center'>$message <br /></td></tr>";
            }
?>
    <tr><td>
  Email Address:</td><td><input name="email" type="text" size="30" /></td></tr>
  <tr><td>Password:</td><td><input name="password" type="password" size="30" /></td></tr>
  <tr><td><input type="hidden" name="submit" id="hiddenField" value="1"/>
      <input name="login" type="submit" value="Login" class="button" /></td>
    <td>Need to register click <a href="register.php">here</a></td>
  </tr>
  </table>
    </form>
</div>

<div id="bottom-nav"><a href="contact.php">Contact</a> | <a href="account/index.php">My Account</a> | Testimonials | Privacy |</div>
<div id="credit">design by <a href="http://www.bravo14.co.uk" target="_blank">bravo14</a></div>
<div id="copyright">© Quantum Phones</div>
</div>
</div>
</body>
</html> //line 153

Link to comment
Share on other sites
rhodesa Newbie

rhodesa

Posted
Posted

you had lots of issues...i changed a bunch of stuff and marked it up with comments:

 

<?php 
session_start();
include_once('includes/connector.php'); //Just include the connector at the top
if($_POST['submit']) //Added quotes around submit and removed = 1 
{
  foreach ($_POST as $key => $val) {
    $$key = mysql_real_escape_string($val); //This is a huge security hole, as it allows people to inject variables into your code
  } //This was one missing brace

  //is the email already registered?
  $user = mysql_query("SELECT email FROM `tbl_customers` WHERE email='$email'"); //Added single quotes around $email
  if(mysql_num_rows($user) > 0) //login name was found
  { 
    //is the password correct
    $password = mysql_query("SELECT email FROM `tbl_customers` WHERE email='$email' and password=md5('$password')"); //Again added single quotes
    if(mysql_num_rows($password) > 0)//password is correct
    {
      $_SESSION['auth']="yes";                    
//      $logname=$email; //This line is a waste 
      $_SESSION['logname'] = $email; //Just use $email here            
      header("Location: account/index.php");
      exit; //You should have an exit after a header('Location')
    }
    else //password is incorrect
    {
      //You should probably use a generic invalid username or password
      //to prevent people from submitting random info until they find
      //a valid username
      $message="The email, '$email' 
                exists, but you have not entered the 
                correct password! Please try again.<br>";
    }
  }
  else  // email not found //this should just be else       
  {   
    $message = "The Login Name you entered does not 
                exist! Please try again.<br>";
  }
} //Another brace was missing here
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Quantum Phones</title>
<?php
include_once ('includes/meta.php');
?>

<script language="javascript">
<script language="javascript">
function popupwin()
winpopup=window.Open('','popup','height=500,width=400,menubar=no,scrollbars=vertical,status=no,toolbar=no,screenX=100,screenY=0,left=100,top=0');
}
</script>
function checkform()

var message="";//blank error message string

//Test email length
if (document.login.email.value.length==0)
{
message=message+"Please enter the registered email address\n";}
//Test the password
if (document.login.password.value.length==0)
{
message=message+"Please enter your password";}
if(message.length > 0)
{//is there an error message?
alert(message);//displays error message
return false;//return bad, not ok to process
}
else{
return true;//no error message
}
}
</script>

<link href="style/shop.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div align="center">
<div id="body">
<p> </p>
<div id="header">
<div id="navicons"><img src="images/contact.png" alt="Contact Us"/><img src="images/login.png" alt="Register/Login" /><img src="images/cart.png" alt="View your Cart" /></div>
</div><!--header -->
<div id="leftnav">
<ul>
<li></li> 
<li></li>
<li><b>By category</b></li>
<?php 
include('includes/connector.php'); 
$result = mysql_query('SELECT * FROM `tbl_category`', $dbConn) or die(mysql_error());
if(mysql_num_rows($result) < 1) 
{ 

   echo('Sorry, no results were found.'); 
} 
else 
{ 
   while($row = mysql_fetch_array($result))
    {
echo ('<li><a href="productlist.php?cat_id='.$row[cat_id].'">'.$row[cat_name].'</a></li>');
}
}
?>
<li><b>By Manufacturer</b></li>
<?php 
//include('includes/connector.php');  //Don't need this, cus it's at the top
$result = mysql_query('SELECT * FROM `tbl_makes`') or die(mysql_error()); //You didn't use $dbConn before, why start now? 
if(mysql_num_rows($result) < 1) 
{ 
  echo('Sorry, no results were found.'); 
}
else 
{ 
  while($row = mysql_fetch_array($result))
  {
    echo ('<li><a href="makes.php?cat_id='.$row['make_id'].'">'.$row['make'].'</a></li>'); //You should use quotes around your array keys
  }
}
?>
</ul>
</div>
<div id="content">
  <h2>Login to Your Account</h2>
  <form name="login" method="post" action="login.php" onsubmit="return checkform()">
  <table>
<?php                                                  
if (isset($message))
{
  echo "<tr><td style='color: red' 
       colspan='2' align='center'>$message <br /></td></tr>";
}
?>
    <tr><td>
  Email Address:</td><td><input name="email" type="text" size="30" /></td></tr>
  <tr><td>Password:</td><td><input name="password" type="password" size="30" /></td></tr>
  <tr><td><input type="hidden" name="submit" id="hiddenField" value="1"/>
      <input name="login" type="submit" value="Login" class="button" /></td>
    <td>Need to register click <a href="register.php">here</a></td>
  </tr>
  </table>
    </form>
</div>

<div id="bottom-nav"><a href="contact.php">Contact</a> | <a href="account/index.php">My Account</a> | Testimonials | Privacy |</div>
<div id="credit">design by <a href="http://www.bravo14.co.uk" target="_blank">bravo14</a></div>
<div id="copyright">© Quantum Phones</div>
</div>
</div>
</body>
</html>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.