I can't find the error.

Comptons_Eazy_E · November 21, 2009

This is my PHP code: Its saying somewhere on line 35 there's a error (Parse error: syntax error, unexpected T_VARIABLE, expecting '(' in /www/110mb.com/s/o/u/t/h/w/e/s/southwestrp/htdocs/login.php on line 35)

This is my code:

<html>

<body>

The Name you typed in was: <?php echo $_POST["fname"]; ?>!

The password you typed in was: <?php echo $_POST["ppassword"]; ?>

Linked: Account is linked!

<?php

$con = mysql_connect("64.120.14.202","server6068","dEqXPCvvx7phExc4");

if($con)

{

$db_selected = mysql_select_db('server6068', $con);

if (!$db_selected)

{

die ('Can\'t connect you to the MYSQL database : ' . mysql_error());

}

echo " ";

echo("Connected To the Database, Checking your password....!");

echo " ";

$result = mysql_query("SELECT * from players");

if (!$result)

{

die ('Can\'t connect you to the MYSQL database : ' . mysql_error());

}

$row = mysql_fetch_row($result);

if$row[1] == $_POST["fname"])

{

if($row[2] == $_POST["ppassword"])

{

echo("Password Matches Connected To the Database, Welcome to the UCP!");

echo " ";

$sql = "UPDATE players SET Linked='1' WHERE Name='$_POST[fname]'";

//VALUES

//('$_POST[fname]')";

mysql_query($sql) or trigger_error(mysql_error() . 'on line: ' . __LINE__, E_USER_ERROR);

}

else

{

echo("Password Does NOT, or the user does not have a account.");

return 0;

}

else

{

echo("Could Not Connect");

return 0;

}

?>

Account Info:

Linked: Account is linked!

Name: <?php echo $_POST["fname"]; ?>

Password: <?php echo $_POST["ppassword"]; ?>

<?php

$result = mysql_query("SELECT * from players");

while($row = mysql_fetch_array($result))

{

$porn = $row['PlayerLevel'];

$porn2 = $row['AdminLevel'];

$porn3 = $row['Moderator'];

$porn4 = $row['Helper'];

$porn5 = $row['Cash'];

$porn6 = $row['Skin'];

$porn7 = $row['Faction'];

$porn8 = $row['Rank'];

$porn9 = $row['HouseKey'];

echo("Level: $porn ");

echo " ";

echo("Admin Level: $porn2 ");

echo " ";

echo("Moderator?: $porn3 ");

echo " ";

echo("Helper?: $porn4 ");

echo " ";

echo("Money: $porn5 ");

echo " ";

echo("Skin: $porn6 ");

echo " ";

echo("Faction ID: $porn7 ");

echo " ";

echo("Faction Rank ID:: $porn8 ");

echo " ";

echo("House Key: $porn9 ");

return 1;

}

?>

</body>

</html>

seksislav · November 21, 2009

if$row[1] == $_POST["fname"]) should be if($row[1] == $_POST["fname"])

Deoctor · November 21, 2009

change the line

  if$row[1] == $_POST["fname"])

to this one

  if$row[1] == $_POST["fname"]

Comptons_Eazy_E · November 21, 2009

change the line

  if$row[1] == $_POST["fname"])

to this one

  if$row[1] == $_POST["fname"]

thanks

Comptons_Eazy_E · November 21, 2009

Also strangely i'm only able to login with one account (id 0) How do I loop it threw all accounts?

Deoctor · November 21, 2009

hai dude

have u tried using the cookies i think that would resolve your issue

u can use this login which i have created

<?php
//session_start();
// set your infomation.
include("access.php");

if (isset($_COOKIE['user'])) {
echo "Welcome $_COOKIE[user]";
}else{


if ($_POST['username']) {
//did they supply a password and username
$username=$_POST['username'];
$password=$_POST['password'];
if ($password==NULL) {
echo "A password was not supplied";
}else{
$query = mysql_query("SELECT username,password FROM userlogin WHERE username = '$username'") or die(mysql_error());
$data = mysql_fetch_array($query);
if($data['password'] != $password) {
echo "The supplied login is incorrect";
}else{
$query = mysql_query("SELECT username,password FROM userlogin WHERE username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($query);
setcookie("user", "$username", time()+3600);
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=all.html\">";
}
}
}
?>

<form action='login.php' method='POST'>
<table align="center" width="300">
<tr>
<td height="800"><table style='border:1px solid #000000;' align="center">
<tr>
<td align='right'>
Username: <input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='right'>
Password: <input type='password' size='15' maxlength='25' name='password'>
</td>
</tr>
<tr>
<td align='center'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='center'>
<a href='register.php'>Register Here</a>
</td>
</tr>
</table></td>
</tr>
</table>

</form>
<?
};
?>

change it to your needs

Comptons_Eazy_E · November 21, 2009

hai dude

have u tried using the cookies i think that would resolve your issue

u can use this login which i have created

<?php
//session_start();
// set your infomation.
include("access.php");

if (isset($_COOKIE['user'])) {
echo "Welcome $_COOKIE[user]";
}else{


if ($_POST['username']) {
//did they supply a password and username
$username=$_POST['username'];
$password=$_POST['password'];
if ($password==NULL) {
echo "A password was not supplied";
}else{
$query = mysql_query("SELECT username,password FROM userlogin WHERE username = '$username'") or die(mysql_error());
$data = mysql_fetch_array($query);
if($data['password'] != $password) {
echo "The supplied login is incorrect";
}else{
$query = mysql_query("SELECT username,password FROM userlogin WHERE username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($query);
setcookie("user", "$username", time()+3600);
echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=all.html\">";
}
}
}
?>

<form action='login.php' method='POST'>
<table align="center" width="300">
<tr>
<td height="800"><table style='border:1px solid #000000;' align="center">
<tr>
<td align='right'>
Username: <input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='right'>
Password: <input type='password' size='15' maxlength='25' name='password'>
</td>
</tr>
<tr>
<td align='center'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='center'>
<a href='register.php'>Register Here</a>
</td>
</tr>
</table></td>
</tr>
</table>

</form>
<?
};
?>

change it to your needs

Not what i meant =/ I can only login with the first id in the mysql database. Not the others

Deoctor · November 21, 2009

Hai

in the code which you have written u have mentioned as

   $result = mysql_query("SELECT * from players");

but where are you verifying the values that are given to the values in the database.

so u need to change the code like this

    $result = mysql_query("SELECT * from players where name='$_POST["fname"]' and password=$_POST["ppassword"]");

cags · November 21, 2009

You fetch all lines from the database (SELECT * with no WHERE clause), you then call mysql_fetch_row once, which will obviously only ever use the first line. To have a proper login system you would need to either...

a.) Keep your current query but loop through the rows. That would be inefficient though.

b.) Change your query to only select a row that has a username and password that matched what the user entered.

SELECT * FROM table WHERE username='$username' AND password='$password';

But DON'T pass $_POST['username'] (or any other value entered by the enduser) directly to the query. You'll open your database up to all sorts of hacking (though since you provided your database longin details in your post, people won't have to try to hard to 'hack' in).

Oh and :php_tags:

Comptons_Eazy_E · November 21, 2009

You fetch all lines from the database (SELECT * with no WHERE clause), you then call mysql_fetch_row once, which will obviously only ever use the first line. To have a proper login system you would need to either...

a.) Keep your current query but loop through the rows. That would be inefficient though.

b.) Change your query to only select a row that has a username and password that matched what the user entered.
SELECT * FROM table WHERE username='$username' AND password='$password';
But DON'T pass $_POST['username'] (or any other value entered by the enduser) directly to the query. You'll open your database up to all sorts of hacking (though since you provided your database longin details in your post, people won't have to try to hard to 'hack' in).

Oh and

like this??????????:

$result = mysql_query("SELECT * from players");

if (!$result)

{

die ('Can\'t connect you to the MYSQL database : ' . mysql_error());

}

$row = mysql_fetch_row($result);

Deoctor · November 21, 2009

yes i to agree with the cags..

there is no need for any one to hack the database.

it is already available for easy hacking..

please mention ur database details in a separate inc page and include the file in here ..

u can use it like this and name it as dbpage.inc

<?php
$dbhost='localhost';
$dbuser='root';
$dbpass='';
$dbname='rss';
$link=mysql_connect($dbhost,$dbuser,$dbpass);
if(!$link)
{
    echo("<p>Could not connect to MySql</p>".mysql_error());
}
else
{
    //echo("<p>Connection successful!!!</p>");
}      

?>

and use the following in the login page

include("dbpage.inc");

cags · November 21, 2009

$result = mysql_query("SELECT * from players");
if (!$result){
  die ('Can\'t connect you to the MYSQL database : ' . mysql_error());
}
$row = mysql_fetch_row($result);

Selects all rows as a resource object, then fetches the first row as a column. As I said in my previous post you only wish to fetch the row that matches the username and password. You can then use mysql_num_rows to find out if a row was found. If it wasn't then the user isn't in the database or entered incorrect details, if it is then you allow them entry.

Sign In

I can't find the error.

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information