zimmo Posted May 19, 2010 Share Posted May 19, 2010 I am using the balance feature in my software to match up brackets so I can see where I am going wrong. But I am at a loss as to why my first opening bracket on an if statement will not match up to the last bracket as I expect it to? I have simplified my code from my last entry the other day. I can now see that something is wrong somewhere as my opening if statement bracket tag will not match up with anything? <?php // Include the connections script to make a database connection. include("inc/connect.php"); $username = ""; $password = ""; $errorMessage = ""; // Set up a function for the sql injection function quote_smart($value, $handle) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value, $handle) . "'"; } return $value; } // End of function // Start the form check code and login etc.. // The code should only start if a post has been requested if ($_SERVER['REQUEST_METHOD'] == 'POST'){ $username = $_POST['username']; $password = $_POST['password']; $username = htmlspecialchars($username); $password = htmlspecialchars($password); $username = quote_smart($username, $connection); $password = quote_smart($password, $connection); $SQL = "SELECT * FROM tablea WHERE username = $username AND password = '".md5($_POST['password'])."'"; #execute SQL statement $result = mysql_db_query( *****,"$SQL",$connection ); if (mysql_num_rows($sql_result) ==0) { session_start(); if(isset($_SESSION['attempts'])) { $_SESSION['attempts']=$_SESSION['attempts']+1; } else { $_SESSION['attempts'] = "1"; } # setup SQL statement $SQL = " INSERT INTO tableb "; $SQL = $SQL . " (sid, username, password, attempts, ipaddress) VALUES "; $SQL = $SQL . " ('$_COOKIE[phpSESSID]', $username, $password, '$_SESSION[attempts]', '$_SERVER[REMOTE_ADDR]') "; $SQL = $SQL . " ON DUPLICATE KEY UPDATE sid=VALUES(sid), username=VALUES(username), password=VALUES(password), attempts=VALUES(attempts), ipaddress=VALUES(ipaddress) "; #execute SQL statement $result = mysql_db_query( *****,"$SQL",$connection ); if (!$result) { echo("ERROR: " . mysql_error() . "\n$SQL\n"); } else { # setup SQL statement 2 $SQL = "SELECT attempts FROM tableb WHERE sid = '$_COOKIE[phpSESSID]' "; $result = mysql_query($SQL); if (mysql_num_rows($result) ==0) { $errorMessage = "Please check your username and/or password is correct"; } else { while ($row = mysql_fetch_array($sql_result)){ $attempts = $row["attempts"]; if $attempts >=3 { header ("Location: index2.html"); } else { $errorMessage = "Please check your username and/or password is correct"; } } } } else { session_start(); $_SESSION['username'] = "$_POST[username]"; header ("Location: index.html"); } // Closing Tag for the Post mysql_close($connection); } ?> When I select this bracket on this line: if ($_SERVER['REQUEST_METHOD'] == 'POST'){ If will not match anything, when my thought was it should match the last bracket where I have // Closing Tag for the Post mysql_close($connection); } Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted May 19, 2010 Share Posted May 19, 2010 Line 73, if $attempts >=3, missing parentheses. Need another closing curly brace before your final else statement. { $errorMessage = "Please check your username and/or password is correct"; } } } } } else { session_start(); Quote Link to comment Share on other sites More sharing options...
zimmo Posted May 19, 2010 Author Share Posted May 19, 2010 Thanks, missed that one. Now, the problem I have is its giving me an error for line 78. Parse error: syntax error, unexpected T_ELSE in /blah/ on line 78 Its driving me insane as I dont understand why? Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted May 19, 2010 Share Posted May 19, 2010 Post the code you have now . . . Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.