techrahul87 Posted July 4, 2011 Share Posted July 4, 2011 HI everyone, i m new to php. the code was working fine but when i include d.inc it is generating a error. Parse error: syntax error, unexpected T_FUNCTION in every page of my application. here is the sample of code from one page.......... <?php include(db.inc) if(isset($_REQUEST['submit'])) { $user=$_POST["txtuser"]; $pass=$_POST["txtpassword"]; $res = 0; $con=mysql_connect($host1,$username1,$password1) or die(mysql_error()); mysql_select_db($database1,$con) or die(mysql_error()); $sql="select count(1) as c from userdata where username='".$user."' and password='".$pass."' and status=1 and now() < expireon"; $result = mysql_query($sql); while($row = mysql_fetch_array($result)) { $res = $row['c']; } if($res > 0) { session_start(); $_SESSION['user'] = $user; $_SESSION['pass'] = $pass; header("Location:main.php"); } else { echo "Your username/password is either wrong or expired"; } mysql_close($con); } error is generating on line where if is used. thanks in advance Link to comment https://forums.phpfreaks.com/topic/241076-parse-error-syntax-error-unexpected-t_function/ Share on other sites More sharing options...
Psycho Posted July 4, 2011 Share Posted July 4, 2011 You need to follow each line of code with a semi-colon. I would suggest never putting a line of code on the same line as the opening PHP tag for multi-line blocks of code - it impairs readability. The exception would be when echo'ing a value within the HTML content. Also, that line won't work because the include file needs to be a string: <?php include('db.inc'); if(isset($_REQUEST['submit'])) EDIT: one last note. Since you are using a double-quoted string to define your query, you don't need to exit the string to include variables. Within double quoted strings variables will be interpreted as their assigned values - it makes the strings much more readable, IMHO. Also, when doing so, it is a good idea to enclose the variables within curly braces (i.e. {}) - that helps to prevent possible parsing errors. $sql="SELECT COUNT(1) AS c FROM userdata WHERE username='{$user}' AND password='{$pass}' AND status=1 AND NOW() < expireon"; Link to comment https://forums.phpfreaks.com/topic/241076-parse-error-syntax-error-unexpected-t_function/#findComment-1238289 Share on other sites More sharing options...
EdwinPaul Posted July 4, 2011 Share Posted July 4, 2011 Another thing: some browsers do not send the contents of the submit-button whent the user hits enter, so it might be dangerous to test for the contents of that button. Also: $_REQUEST is an array which consists of everything in the $_GET, $_POST and $_COOKIE -arrays. You'd better check: if ($_SERVER['REQUEST_METHOD'] == "POST"){ in stead of if(isset($_REQUEST['submit'])) Also: try to find something on the internet about sql-injection. Your script is vulnerable! If I enter a user like 1' OR '1=1 with the same pasword, I can enter your site. Link to comment https://forums.phpfreaks.com/topic/241076-parse-error-syntax-error-unexpected-t_function/#findComment-1238303 Share on other sites More sharing options...
techrahul87 Posted July 6, 2011 Author Share Posted July 6, 2011 THANKS FOR HELPING ME OUT............. THANK U VERY MUCH Link to comment https://forums.phpfreaks.com/topic/241076-parse-error-syntax-error-unexpected-t_function/#findComment-1238873 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.