Jump to content

Archived

This topic is now archived and is closed to further replies.

steelmanronald06

Parse Error

Recommended Posts

I have created a small register script, but I keep getting an error. Here is the script:

[code]
<?php
// Require top.php
require_once('../includes/top.php');

// Require db.php
require_once('../includes/db.php');

// Assign Secure Access Levels
$secure_username = $_SESSION['username'];
$secure_query = $db->GetAll("SELECT * FROM `users` where username='$secure_username'");
foreach($secure_query as $secure_level)
{
    $access_level = $secure_level['user_level'];
}

// Deny Registered Users
if($access_level == 1 ||
  $access_level == 2 ||
  $access_level == 3 ||
  $access_level == 4) {
   
    echo "Access Denied: You are already registered. If you are not registered, and continue to recieve this
      message, please contact the Administrator at admin@netgeekz.net . Thank You.";
   
}

// If They Are Not Registered, Let Them
if($access_level == 0) {
 
  // If The Form Has Done Been Submitted, Register The User
  if (isset($_POST['register'])) {
   
    // Assign User Submitted Variables
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $email_address = $_POST['email_address'];
    $username = $_POST['username'];
    $password = $_POST['password'];
   
    // Strip Tags From Variables
    $first_name = strip_tags(trim($first_name));
    $last_name = strip_tags(trim($last_name));
    $email_address = strip_tags(trim($email_address));
    $username = strip_tags(trim($username));
    $password = strip_tags(trim($password));
   
    // Assign The Date To A Variable
    $date = date("D m/d/Y - g:ia");
   
    if(eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $email_address)) {
 
  // All Security Checks Have Been Passed, So Insert Them Into The Database
  $db->Execute("INSERT INTO users (first_name,last_name,email_address,username,password,user_level,signup_date,activated)
              VALUES ('$first_name',
                      '$last_name',
                      '$email_address',
                      '$username',
                      '$password',
                      1,
                      '$date',
                      0
                      )");
   
  // Time To Mail The User Their Info
$mail_date = date('l dS \of F Y h:i:s A');
    $email_subject = "LAMPGeekz: Your Membership";
    $email = "Hello $first_name $last_name ! You are recieving this email because you, or someone with your
    email has registered the username, $username , at our site: http://lampgeekz.netgeekz.net
    If this is you, please click the link below to confirm your account:
   
    http://localhost/lampgeekz/members/activate.php

    This is an automated email! DO NOT REPLY!";
    $from = "noreply@netgeekz.net";


    $headers1 = "MIME-Version: 1.0\r\n";
    $headers1 .= "Content-type: text/html; charset=iso-8859-1\r\n";
    $headers1 .= "To: ".$email_address."\r\n";
    $headers1 .= "From: ".$from."\r\n";
    $headers1 .= "Reply-To: ".$from."\r\n";
    mail($email_address, $subject, $email, $headers);
   
}else{
 
  //Invalid Email Address
  echo "We are sorry, but the email address you typed in is not valid.  Please use standard email address
  format: youremail@yourhost.com.  Please try again!";
 
}

// If They Did Not Submit A Form, Lets Show That Now
echo "<h1>Register New User Account!</h1>";
    ?>
   
    <p>
    <form name="register" method="post" action="<? echo $PHP_SELF ?>">
    First Name: <input type="text" name="first_name"> <br /><br />
    Last Name: <input type="text" name="last_name"> <br /><br />
    Email Address: <input type="text" name="email_address"> <br /><br />
    Username: <input type="text" name="username"> <br /><br />
    Password: <input type="text" name="password"> <br><br>
    <input type="submit" name="register" value="Register Me!" style="cursor:pointer">
    </form>
    </p>
   
    <?php
   
  }else{
 
  // For Those Who Failed All Security Test 
  echo "We are sorry, but there appears to be an internal error. Please try again. If this problem continues,
  contact the administrator at admin@netgeekz.net. Thank you!";
 
  // Now Send An Email To The Admin About The Error
  $mail_date = date('l dS \of F Y h:i:s A');
  $email_url = $_SERVER['PHP_SELF'];
  $email_ip = $_SERVER['REMOTE_ADDR'];
  $to2  = 'webmaster@netgeekz.net' . ', ';
  $to2 .= 'cliff@netgeekz.net';
  $subject2 = "LAMPGeekz Report!";
  $email2 = "The following has happened on $mail_date at $email_url !

  $sercure_username (IP: $email_ip ) has accessed the following page, $email_url , and
  has recieved an internal error. Both security checks were either flawed or failed in some way.

  This is an automated email! DO NOT REPLY!";
  $from2 = "noreply@netgeekz.net";


  $headers1 = "MIME-Version: 1.0\r\n";
  $headers1 .= "Content-type: text/html; charset=iso-8859-1\r\n";
  $headers1 .= "To: ".$to."\r\n";
  $headers1 .= "From: ".$from2."\r\n";
  $headers1 .= "Reply-To: ".$from2."\r\n";

  mail($to2, $subject2, $email2, $headers);
 
}

// Require bot.php
require_once('../bot.php');
?>[/code]

Here is the error that it generates:

[quote]Parse error: parse error, unexpected $end in C:\wamp\www\lampgeekz\members\register.php on line 154[/quote]

At first I thought it might be bot.php or top.php but those two work fine in other pages when included.

Thanks in advance.

P.S. Pardon the messy code. I try and have good coding techniques, but I'm not exactly the best at it.  I just try and get the job done, while still being able to read it  :-\

Share this post


Link to post
Share on other sites
Just read the faq for that :)  got a new error now:

[quote]Fatal error: Call to undefined function NewADOConnection() in C:\wamp\www\lampgeekz\includes\db.php on line 4[/quote]

for

[code]
<?php

// Connects To The Database
$db = NewADOConnection('mysql');
$db->Connect('localhost', 'root', 'fake', 'lampgeekz');

?>
[/code]

Share this post


Link to post
Share on other sites
Perhaps this post wasn't a complete flop?  I get this :(

[quote]
Forbidden

You don't have permission to access /lampgeekz/members/< on this server.
Apache/2.0.55 (Win32) PHP/5.1.4 Server at localhost Port 80
[/quote]

with url:

[quote]
http://localhost/lampgeekz/members/%3C?%20echo%20$PHP_SELF;%20?%3E
[/quote]

when I try and hit the register button, so maybe this bit of code??

[code]
    <p>
    <form name="register" method="post" action="<? echo $PHP_SELF; ?>">
    First Name: <input type="text" name="first_name"> <br /><br />
    Last Name: <input type="text" name="last_name"> <br /><br />
    Email Address: <input type="text" name="email_address"> <br /><br />
    Username: <input type="text" name="username"> <br /><br />
    Password: <input type="text" name="password"> <br><br>
    <input type="submit" name="register" value="Register Me!" style="cursor:pointer">
    </form>
    </p>
[/code]

Share this post


Link to post
Share on other sites
watch for short tags not enabled, and better to use the $_SERVER array

[code]action="<?php echo $_SERVER['PHP_SELF']; ?>">[/code]

Share this post


Link to post
Share on other sites
er, the form is saved as a .php file, right?

Share this post


Link to post
Share on other sites
[quote author=steelmanronald06 link=topic=106691.msg426954#msg426954 date=1157251653]
I get the same with that, but this url:

http://localhost/lampgeekz/members/%3C?%20echo%20$_SERVER['PHP_SELF'];%20?%3E
[/quote]
Did you check if short tags are enabled? The above still translates as:
http://localhost/lampgeekz/members/<? echo $_SERVER['PHP_SELF']; ?>

Try (as in AndyB's post):
[code]action="<?php echo $_SERVER['PHP_SELF']; ?>">[/code]

Apologies if you did try that. It wasn't obvious if you had or not.

Share this post


Link to post
Share on other sites
Is this section of the output buried in some HEREDOC syntax or whatever because the URL should not contain the entity values.  If the code snippet you posted were in a stand-alone file it would work.

Take a look at the generated code from your script - before clicking the submit button and see what's in the code.

Share this post


Link to post
Share on other sites
You could leave the action blank (action=""), or omit it, as calling itself is the default.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.