Twist3d Posted June 26, 2010 Share Posted June 26, 2010 I have a problem of missing the most obvious things. But I'm trying to create a login script. Here is the error: Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in *****/login.php on line 47 Here is the code around line 47 case 'login2': session_start(); require_once 'connect.php'; $username = $_POST['user']; $escaped_username = mysql_real_escape_string($username); $md5_password = md5($_POST['pass']); $query = mysql_query("select * from users where Username = $username and Password = $md5_password"') $num_rows = mysql_num_rows($result); if($num_rows == 1){ $result = mysql_fetch_assoc($query); $_SESSION['User'] = $_POST['user']; echo "Logged in"; } else{ echo "Wrong Username or Password"; } break; That is the case of login?action=login2 Any help? Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/ Share on other sites More sharing options...
nomanoma Posted June 26, 2010 Share Posted June 26, 2010 can please post the whole login.php page? Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077568 Share on other sites More sharing options...
Twist3d Posted June 26, 2010 Author Share Posted June 26, 2010 <?php session_start(); $toswitch = $_GET['action']; switch($toswitch){ default: if (isset($_SESSION['Admin'])){ echo "You are already logged in! <br> Click <a href='addproject.php'>Here</a> to add a project"; } else{ ?> <!--HTML Form --> <form name="login_form" method="post" action="login.php?action=login2"> <input name="user" type="text" id="user"> Username<br /> <input name="pass" type="password" id="pass"> Password<br /> <input type="submit" name="login" id="login" value="Login" /> </form> <?php //Ending the case by breaking it } break; case 'login2': session_start(); require_once 'connect.php'; $username = $_POST['user']; $escaped_username = mysql_real_escape_string($username); $md5_password = md5($_POST['pass']); $query = mysql_query("select * from users where Username = $username and Password = $md5_password"') $num_rows = mysql_num_rows($result); if($num_rows == 1){ $result = mysql_fetch_assoc($query); $_SESSION['User'] = $_POST['user']; echo "Logged in"; } else{ echo "Wrong Username or Password"; } break; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077569 Share on other sites More sharing options...
premiso Posted June 26, 2010 Share Posted June 26, 2010 You have a Syntax error (look at the code you posted where it all starts to go red) your syntax error is above that. $query = mysql_query("select * from users where Username = $username and Password = $md5_password"') A few things wrong with this. A. the ' at the very end, this is a syntax error. B. There is no ; at the very end, another syntax error. C. MySQL requires single quotes around text / string data. Here is that line corrected: $query = mysql_query("select username from users where Username = '$username' and Password = '$md5_password' LIMIT 1"); Just an anal part of me, you only return data you need. Since you do not use any data received from the query just pull one record and one column, this will improve efficiency of the query. I have not looked anywhere else, but that should take care of your syntaxual error for that part at least. Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077580 Share on other sites More sharing options...
PFMaBiSmAd Posted June 26, 2010 Share Posted June 26, 2010 You also need to use $escaped_username in the query instead of $username Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077582 Share on other sites More sharing options...
Twist3d Posted June 26, 2010 Author Share Posted June 26, 2010 Still 1 more problem. Thanks you two tho, but now I get this: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/twisteds/public_html/time/login.php on line 40 Wrong Username or Password Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077605 Share on other sites More sharing options...
premiso Posted June 26, 2010 Share Posted June 26, 2010 Change this line to get the mysql error: $query = mysql_query("select username from users where Username = '$username' and Password = '$md5_password' LIMIT 1") or trigger_error("Username Password Query Failed: " . mysql_error()); Should tell you where the problem lies within the query. Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077607 Share on other sites More sharing options...
Twist3d Posted June 26, 2010 Author Share Posted June 26, 2010 I don't think there is anything wrong with the query. Cause when I goto login.php?action=login2 it still gives: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/twisteds/public_html/time/login.php on line 40 Wrong Username or Password Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077609 Share on other sites More sharing options...
PFMaBiSmAd Posted June 26, 2010 Share Posted June 26, 2010 Your mysql_num_rows($result); statement is not using the correct variable that the result of $query = mysql_query(....); was assigned to. Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077611 Share on other sites More sharing options...
Twist3d Posted June 26, 2010 Author Share Posted June 26, 2010 Ahh, thanks. All works now See, that is what I mean by I miss the most visible things -.-' Quote Link to comment https://forums.phpfreaks.com/topic/205927-login-script/#findComment-1077613 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.