Linjon Posted March 26, 2010 Share Posted March 26, 2010 I have this error. My code: <?php include ('config.php'); session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username && $password) { $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrows = mysql_num_rows($query); if ($numrows!=0) ( //code to login while ($row = mysql_fetch_assoc($query)); { $dbusername = $row['username']; $dbpassword = $row['password']; } //check to see if they match! if ($username == $dbusername && $password==$dbpassword) { echo "You are logged in! <a href='member.php'>Click here</a>"; $_SESSION['username'] == $username; } else echo "Wrong password!"; } else die ("User not found!"); echo = $numrows; } else die ("Write your username and password!"); ?> Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/ Share on other sites More sharing options...
darkfreaks Posted March 26, 2010 Share Posted March 26, 2010 there is a semi after the while Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032370 Share on other sites More sharing options...
Linjon Posted March 26, 2010 Author Share Posted March 26, 2010 Still this problem :S Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032397 Share on other sites More sharing options...
mikesta707 Posted March 26, 2010 Share Posted March 26, 2010 this if statement if ($numrows!=0) ( you are using an opening parens instead of an opening curly bracket. after you remove the semi colon after the while loop, changing that if to if ($numrows!=0) { should fix the problem Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032426 Share on other sites More sharing options...
Linjon Posted March 26, 2010 Author Share Posted March 26, 2010 These are same? Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032463 Share on other sites More sharing options...
mikesta707 Posted March 26, 2010 Share Posted March 26, 2010 no... if you read my response, its an opening parens '(' rather than an opening curly bracket '{' syntax wise they are completely different Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032464 Share on other sites More sharing options...
jonsjava Posted March 26, 2010 Share Posted March 26, 2010 Here's a cleaned up version of your code. <?php include ('config.php'); session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username && $password) { $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $query = mysql_query("SELECT * FROM `users` WHERE `username`='$username' LIMIT 1;"); $numrows = mysql_num_rows($query); if ($numrows!=0) { //code to login while ($row = mysql_fetch_assoc($query)) { $dbpassword = $row['password']; } //check to see if they match! if ($password==$dbpassword) { $_SESSION['username'] == $username; header("location:member.php"); exit(); } else{ echo "Wrong password!"; } } else{ echo $numrows; die ("User not found!"); } } else die ("Write your username and password!"); ?> I changed if ($numrows !=0) ( to if ($numrows !=0) { removed the semicolon at the end of the while line fixed the indentation, bracketed the else statements, removed the check to see if $user=$dbuser, because the query would have come up empty if it didn't. I also sanitized the user input so you aren't susceptible to injection attacks, cleaned up the query, so it only checks for one result, so it will run faster. I'm thinking I did more, but I lost track (boss came in, and I got side-tracked) Quote Link to comment https://forums.phpfreaks.com/topic/196626-unexpected-t_while/#findComment-1032487 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.