slanderman Posted October 21, 2009 Share Posted October 21, 2009 getting syntax error, what did I do wrong? lol Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in /search.php on line 22 <?php if(isset($_SESSION['uid'])) echo "<a href="http://www.bluesapphirestudios.com/search/logout.php">Logout</a>"; //this is line 22 else echo "<a href="http://www.bluesapphirestudios.com/search/main_login.php">Login</a>"; ?> Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 21, 2009 Share Posted October 21, 2009 Hi You need to escape the double quotes used within the strings you want to echo out (or in this case just replace them with single quotes). All the best Keith Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 Cont. from kickstart here's some example use single quotes <?php if(isset($_SESSION['uid'])) echo '<a href="http://www.bluesapphirestudios.com/search/logout.php">Logout</a>'; //this is line 22 else echo '<a href="http://www.bluesapphirestudios.com/search/main_login.php">Login</a>'; ?> escape the quotes <?php if(isset($_SESSION['uid'])) echo "<a href=\"http://www.bluesapphirestudios.com/search/logout.php\">Logout</a>"; //this is line 22 else echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; ?> replace the htmls doubles for singles <?php if(isset($_SESSION['uid'])) echo "<a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; //this is line 22 else echo "<a href='http://www.bluesapphirestudios.com/search/main_login.php'>Login</a>"; ?> All the best Keith MadTechie Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 yes, that worked beautifully... I keep adding bits and pieces to the code and I keep breaking it as I go...can you help with one more? lol Parse error: syntax error, unexpected '}', expecting ',' or ';' in /search.php on line 25 <? if(session_is_registered(myusername)){ echo '<strong><font color='#000000'>Welcome $session_is_registered[myusername]</font></strong> ... <a href="http://www.bluesapphirestudios.com/search/logout.php">Logout</a>'; }else{ //This is line 25 echo '<a href="http://www.bluesapphirestudios.com/search/main_login.php">Login</a>'; } ?> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 echo '<strong><font color='#000000'>Welcome $session_is_registered[myusername]</font></strong> ... <a href="http://www.bluesapphirestudios.com/search/logout.php">Logout</a>'; okay you are using both single and double quotes you can break it up into multiple lines or escape the quotes if you start with echo " you need to escape the " ie \" if you start with echo ' you need to escape the ', ie \' EDIT: i'll start you off (single quote escaped) echo '<strong><font color=\'#00.....snip......'; Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 if I escape the quotes and leave the curly braces on line 25, I get the same error, if I remove the curly braces from line 25, I get this error now Parse error: syntax error, unexpected T_ELSE, expecting ',' or ';' in /search.php on line 25 <? if(session_is_registered(myusername)){ echo '<strong><font color='#000000'>Welcome $session_is_registered[myusername]</font></strong> ... <a href=\"http://www.bluesapphirestudios.com/search/logout.php\">Logout</a>'; else //this is line 25 echo '<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>'; } ?> Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 oops, I missed part of your post, let me go try again! sorry Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 as you started with single quotes you need to escape the single quotes (or just change the start and end doubles to singles) Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 ok, no more error, it almost works lol its displaying "Welcome $session_is_registered[myusername]" as text rather than seeing this as a variable and inserting the session uid. I'm not sure where to find the correct variable to use to make this display the logged in persons username this is the contents of my checklogin.php *excluding database connection settings*, would the variable I need to reference be in here? // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "search.php" session_register("myusername"); session_register("mypassword"); header("location:search.php"); } else { echo "Wrong Username or Password"; } ?> Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted October 21, 2009 Share Posted October 21, 2009 thats because you surround your string with single quotes. Single quotes don't parse PHP while double quotes does. That means variables like the one you have in that string will be output as $variable, rather than their actual value. With double quotes, the $variable will echo its value. for example $hello="string"; echo '$hello';//echos $hello echo "$hello";//echos string Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 Okay.. this is the reason we have single quotes and double quotes a double quote allows variables to be parsed where as singles don't ie $avar = "MadTechie"; echo "1. Hello $avar "; echo "<br>";//line break echo '2. Hello $avar '; So to fix this you can either start with double quotes or concatenate the string ie echo '<strong>'.$avar.'</strong>'; or echo '<strong><font color=\'#000000\'>Welcome '.$session_is_registered['myusername'].'</f...snip'; EDIT: mikesta707 beat me to it but worth posting i think Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 thats great info, I think I'm still using the wrong variable, everything I try either displays plain text, or nothing at all... Welcome (myusername) ... logout and Welcome ... logout <? if(session_is_registered(myusername)){ echo "<strong><font color='#fffff'>Welcome $myusername</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; }else{ echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; } ?> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 session_register("myusername"); session_is_registered("myusername"); is kinda old (PHP4) try <?php if(isset($_SESSION['myusername'])){ echo "<strong><font color='#fffff'>Welcome ".$_SESSION['myusername']."</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; }else{ echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; } ?> also change session_register("myusername"); to $_SESSIOIN['myusername'] = $myusername; EDIT: also you need to have session_start(); at the start of your code to use sessions Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 ok, I've got all that changed..already had session start at beginning... Its no longer displaying "Welcome..." or logout link when the user is logged in <?php if(isset($_SESSION['myusername'])){ echo "<strong><font color='#fffff'>Welcome ".$_SESSION['myusername']."</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; }else{ echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; } ?> // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "search.php" //session_register("myusername"); $_SESSION['myusername'] = $myusername; session_register("mypassword"); header("location:search.php"); } else { echo "Wrong Username or Password"; } ?> Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 this is what is at the beginning of the page if this helps... <?php session_start(); if(!session_is_registered(myusername)){ header("location:main_login.php"); } ?> Quote Link to comment Share on other sites More sharing options...
cags Posted October 21, 2009 Share Posted October 21, 2009 myusername is not a constant so it should have quotes around it, but session_is_registered is a deprecated function as MadTechie already pointed out. I'd recommend something more like... if(!isset($_SESSION['myusername'])) Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 It maybe an idea to post the full script.. for review Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 21, 2009 Author Share Posted October 21, 2009 okie dokie, here we go kids This one is my search.php page, the one page i need password protection on <?php session_start(); if(!session_is_registered(myusername)){ header("location:main_login.php"); } ?> <?php include '/header.php'; ?> <title>Our Models</title> </head> <body> <!-- Begin Wrapper --> <div id="wrapper"> <!-- Begin Header --> <div id="header"><h1><a href="http://www.bluesapphirestudios.com"><img src="../slanderbanner.jpg" border=0></a></h1> <br /> <?php if(isset($_SESSION['myusername'])){ echo "<strong><font color='#fffff'>Welcome ".$_SESSION['myusername']."</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; }else{ echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; } ?> </div> <!-- End Header --> <?php include '/menu2.php'; ?> <div id="rightcolumn"> <br /><br /> </h3> <form method="post" action="sqlsearch.php"> Search Models: <input type="Text" name=".$Search" size="20" maxlength="30"> <input type="Submit" name="submit" value="Search"> </form> </div> <?php include '/footer.php'; ?> This one is my checklogin.php <?php $host="HOST"; // Host name $username="USERNAME"; // Mysql username $password="PASSWORD"; // Mysql password $db_name="DBNAME"; // Database name $tbl_name="TABLENAME"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "search.php" //session_register("myusername"); $_SESSION['myusername'] = $myusername; session_register("mypassword"); header("location:search.php"); } else { echo "Wrong Username or Password"; } ?> Missing anything? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 21, 2009 Share Posted October 21, 2009 Here's a quick update <?php session_start (); if (! isset ( $_SESSION ['myusername'] )) { header ( "location:main_login.php" ); exit (); } include '/header.php'; ?> <title>Our Models</title> </head> <body> <!-- Begin Wrapper --> <div id="wrapper"><!-- Begin Header --> <div id="header"> <h1><a href="http://www.bluesapphirestudios.com"><img src="../slanderbanner.jpg" border=0></a></h1> <br /> <?php echo "<strong><font color='#fffff'>Welcome " . $_SESSION ['myusername'] . "</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; //pointless (as the page redirects if user isn't logged in /* if (isset ( $_SESSION ['myusername'] )) { echo "<strong><font color='#fffff'>Welcome " . $_SESSION ['myusername'] . "</font></strong> ... <a href='http://www.bluesapphirestudios.com/search/logout.php'>Logout</a>"; } else { echo "<a href=\"http://www.bluesapphirestudios.com/search/main_login.php\">Login</a>"; }*/ ?> </div> <!-- End Header --> <?php include '/menu2.php'; ?> <div id="rightcolumn"><br /> <br /> </h3> <form method="post" action="sqlsearch.php">Search Models: <input type="Text" name=".$Search" size="20" maxlength="30"> <input type="Submit" name="submit" value="Search"></form> </div> <?php include '/footer.php'; ?> <?php $host = "HOST"; // Host name $username = "USERNAME"; // Mysql username $password = "PASSWORD"; // Mysql password $db_name = "DBNAME"; // Database name $tbl_name = "TABLENAME"; // Table name // Connect to server and select databse. mysql_connect ( $host, $username, $password ) or die ( "cannot connect" ); mysql_select_db ( $db_name ) or die ( "cannot select DB" ); // username and password sent from form if (get_magic_quotes_gpc()) { $myusername = stripslashes($_POST['myusername']); $mypassword = stripslashes($_POST['mypassword']); } else { $myusername = $_POST['myusername']; $mypassword = $_POST['mypassword']; } $sql = sprintf("SELECT * FROM $tbl_name WHERE username='%s' and password='%s' LIMIT 0,1",mysql_real_escape_string ( $myusername ),mysql_real_escape_string ( $mypassword )); $result = mysql_query ( $sql ); // Mysql_num_row is counting table row $count = mysql_num_rows ( $result ); // If result matched $myusername and $mypassword, table row must be 1 row if ($count == 1) { session_start(); // Register $myusername, $mypassword and redirect to file "search.php" $_SESSION ['myusername'] = $myusername; header ( "location:search.php" ); exit; } else { echo "Wrong Username or Password"; } ?> Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 22, 2009 Author Share Posted October 22, 2009 oops, now i see what ya did, i'll try it Quote Link to comment Share on other sites More sharing options...
cbolson Posted October 22, 2009 Share Posted October 22, 2009 MadTechie was saying that it was pointless because you already have this control at the beginning of the page. If the user is no logged in, this page will never be seen as you have told it to redirect to main_login.php with this code: if (! isset ( $_SESSION ['myusername'] )) { header ( "location:main_login.php" ); exit (); } So, as only logged in users can see the page, you don't need to the if/else clause and you can directly show the welcome message as per MadTechie's example. Chris Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 22, 2009 Author Share Posted October 22, 2009 Thats awesome Techie Thanks so much for your help :D Quote Link to comment Share on other sites More sharing options...
slanderman Posted October 22, 2009 Author Share Posted October 22, 2009 yea, I see that...at first glance it looked like the whole piece of the "Welcome..." Script was gone completely, I didnt see that he had rewritten it MadTechie was saying that it was pointless because you already have this control at the beginning of the page. If the user is no logged in, this page will never be seen as you have told it to redirect to main_login.php with this code: if (! isset ( $_SESSION ['myusername'] )) { header ( "location:main_login.php" ); exit (); } So, as only logged in users can see the page, you don't need to the if/else clause and you can directly show the welcome message as per MadTechie's example. Chris Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.