Jump to content

unexpected T_VARIABLE error help


lingo5

Recommended Posts

Hi,

I'm getting this error

Parse error: syntax error, unexpected T_VARIABLE in /sample.php on line 48

when executing this script

<?php

function login($username, $password) {
$username = addslashes($username);
$password = md5($password);
$query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'");
if(mysql_num_rows($query) == 1) {
	$info = mysql_fetch_array($query);
	$userid = $info[userid];
	$sessionid = md5($userid . time());
	$time = time();
	@setcookie ('test_account', $sessionid, $time+3600, '/', '');
	mysql_query("DELETE FROM user_sessions WHERE userid='$userid'");
	mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')");
	return $userid;
} else {
	return 0;
}
}

function status() {
$sessionid = $_COOKIE[test_account];
$oldtime = time() - 3600;
$query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime");
if(mysql_num_rows($query) == 1) {
	$info = mysql_fetch_array($query);
	return $info[userid];
}
return 0;
}

function logout() {
$sessionid = $_COOKIE[test_account];
@setcookie ("test_account",'', time()-99999, '/', '');
mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'");
}

if($_POST[username] !='' || $_POST[password] != '') {
$login_status = login($_POST[username], $_POST[password]);
} else if($_GET[logout]) {
logout();
}
$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout'>Click here to logout</a>)"; } else {

if($login_status != '' $login_status == 0) { echo "Invalid username/password combo.<br>"; }
?>


<form action="sample.php" method="POST">
<input type=text name=username>
<input type=password name=password>
<input type=submit value="Log In">
</form>

<?php } ?>

 

Can NE1 help?

Thanks

Link to comment
https://forums.phpfreaks.com/topic/192053-unexpected-t_variable-error-help/
Share on other sites

is this line 48

 

if($login_status != '' $login_status == 0) { echo "Invalid username/password combo.<br>"; }

 

 

which should be

 

if($login_status != '' && $login_status == 0) { echo "Invalid username/password combo.<br>"; }

?>

Thanks, your solutions have solved the unexpected T_VARIABLE error, but I'm geting this error now

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /sample.php on line 7

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /sample.php on line 25

@jl5501

 

Yes, bool (false) is equivalent to (int)0, (float)0.0, (string)'' || ' ', an empty array or object

 

@lingo5

 

add

or trigger_error(mysql_error(), E_USER_ERROR);

 

to the end of your querys to give a readout of the error

 

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = md5($password);
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info[userid];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE[test_account];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info[userid];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE[test_account];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if($_POST[username] !='' || $_POST[password] != '') {
   $login_status = login($_POST[username], $_POST[password]);
} else if($_GET[logout]) {
   logout();
}
$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout'>Click here to logout</a>)"; } else {

if( empty($login_status) ) { echo "Invalid username/password combo.<br>"; }
?>


<form action="sample.php" method="POST">
<input type=text name=username>
<input type=password name=password>
<input type=submit value="Log In">
</form>

<?php } ?>

 

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = md5($password);
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info[userid];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE[test_account];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info[userid];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE[test_account];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if($_POST[username] !='' || $_POST[password] != '') {
   $login_status = login($_POST[username], $_POST[password]);
} else if( isset($_GET['logout'])) {
   logout();
   Header('Location: ' . $_SERVER['PHP_SELF']);
   exit;
}

$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout=true'>Click here to logout</a>)"; } else {

if( empty($login_status) ) { echo "Invalid username/password combo.<br>"; }
?>


<form action="sample.php" method="POST">
<input type=text name=username>
<input type=password name=password>
<input type=submit value="Log In">
</form>

<?php } ?>

 

That work?

Hi again. I have not tested the Header Location code yet.

I am now able to login, but as soon as I enter my user and pass, a clean login form loads and only by pressing the Log in button again I get the welcome message.

You can see what mean here

http://www.mallorcaattraction.com/asoc/

user= salva

pass= 1234

 

Also no error message displays when wrong user/pass entered

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = md5($password);
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE['test_account'];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if( !empty($_POST['username']) && !empty($_POST['password']) ) {
   $login_status = login($_POST['username'], $_POST['password']);
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
} else if( isset($_GET['logout'])) {
   logout();
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
   exit;
}

$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout=true'>Click here to logout</a>)"; } else {

if( !isset($login_status) || $login_status === 0 ) { echo "Invalid username/password combo.<br >"; }
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php } ?>

 

Many thanks Andy-H, this seems to work now except for the "Invalid username/password combo.

" message showing on page load. Also I had to remove the md5 from

$password = md5($password);

The database does not save the password as md5.

 

 

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = $password;
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE['test_account'];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if( !empty($_POST['username']) && !empty($_POST['password']) ) {
   $login_status = login($_POST['username'], $_POST['password']);
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
} else if( isset($_GET['logout'])) {
   logout();
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
   exit;
}

$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout=true'>Click here to logout</a>)"; } else {

if( !isset($login_status) || $login_status === 0 && isset($_POST['submit']) ) { echo "Invalid username/password combo.<br >"; }
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php } ?>

 

k m8 gonna have one more bash at it.

 

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = $password;
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE['test_account'];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if( !empty($_POST['username']) && !empty($_POST['password']) ) {
   $login_status = login($_POST['username'], $_POST['password']);
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
} else if( isset($_GET['logout'])) {
   logout();
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
   exit;
}

$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout=true'>Click here to logout</a>)"; } else {

if( isset($login_status) && $login_status === 0 ) { echo "Invalid username/password combo.<br >"; }
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php } ?>

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = $password;
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password'")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid'")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE['test_account'];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_array($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if( !empty($_POST['username']) && !empty($_POST['password']) ) {
   $login_status = login($_POST['username'], $_POST['password']);
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
} else if( isset($_GET['logout'])) {
   logout();
   header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
   exit;
}

if( isset($login_status) && $login_status === 0 ) { echo "Invalid username/password combo.<br >"; }

$userid = status();

if($userid > 0) { echo "Welcome to our site, user #$userid (<a href='?logout=true'>Click here to logout</a>)"; } else {
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php } ?>

 

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = $password;
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password' LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_assoc($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid' LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = $_COOKIE['test_account'];
   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_assoc($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if ( isset($_POST['submit']) )
{

  if ( empty($_POST['username']) || empty($_POST['password']) )
  {
    $error = 'You must enter a username and password.<br >';
  }

  if ( login($_POST['username'], $_POST['password']) == 0 )
  {
    $error = 'Incorrect username / password combination.<br >';
  }

}

if ( status() === 0 )
{
  if (isset($error))
    echo $error;
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php
}
else
{
  echo "Welcome to our site, user #" . status() . " (<a href='?logout=true'>Click here to logout</a>)";
}

?>

<?php

function login($username, $password) {
   $username = addslashes($username);
   $password = $password;
   $query = mysql_query("SELECT * FROM user_accounts WHERE username='$username' AND password='$password' LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_assoc($query);
      $userid = $info['userid'];
      $sessionid = md5($userid . time());
      $time = time();
      @setcookie ('test_account', $sessionid, $time+3600, '/', '');
      mysql_query("DELETE FROM user_sessions WHERE userid='$userid' LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);;
      mysql_query("INSERT INTO user_sessions (sessionid,userid,timestamp) VALUES('$sessionid','$userid','$time')")or trigger_error(mysql_error(), E_USER_ERROR);
      return $userid;
   } else {
      return 0;
   }
}

function status() {
   $sessionid = isset($_COOKIE['test_account']) ? $_COOKIE['test_account'] : 0;

   if ($sessionid === 0)
   {
     return 0;
   }

   $oldtime = time() - 3600;
   $query = mysql_query("SELECT * FROM user_sessions WHERE sessionid='$sessionid' AND timestamp>$oldtime LIMIT 1")or trigger_error(mysql_error(), E_USER_ERROR);
   if(mysql_num_rows($query) == 1) {
      $info = mysql_fetch_assoc($query);
      return $info['userid'];
   }
   return 0;
}

function logout() {
   $sessionid = $_COOKIE['test_account'];
   @setcookie ("test_account",'', time()-99999, '/', '');
   mysql_query("DELETE FROM user_sessions WHERE sessionid='$sessionid'")or trigger_error(mysql_error(), E_USER_ERROR);
}

if ( isset($_POST['submit']) )
{

  if ( !isset($_POST['username']) || !isset($_POST['password']) )
  {
    $error = 'You must enter a username and password.<br >';
  }

  if ( login($_POST['username'], $_POST['password']) == 0 )
  {
    $error = 'Incorrect username / password combination.<br >';
  }

}

if ( status() === 0 )
{
  if (isset($error))
    echo $error;
?>


<form action="<?php htmlentities($_SERVER['PHP_SELF']); ?>" method="POST">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" value="Log In">
</form>

<?php
}
else
{
  if (isset($_GET['logout']))
  {
    logout();
    header('Location: ' . htmlentities($_SERVER['PHP_SELF']));
    exit;
  }

  echo "Welcome to our site, user #" . status() . " (<a href='?logout=true'>Click here to logout</a>)";
}

?>

 

Dont know mate, why not use sessions?

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.