Unexpected Parse Error Help

[Samza]

Hi,

 

I am fairly new to PHP and I can't for the life of me correct this error:

 

"Parse error: syntax error, unexpected '$username' (T_VARIABLE) in D:\Computer Forensics\xampp\htdocs\xampp\iis\php\userprofile.php on line 7"

 

Here is the corrosponding file code:

 

<?php
include 'connection.php';

?>
<?php
$username = $_SESSION['authenticatedUser'];
$query = 'SELECT firstname, surname, username, password, email, address1, address2, postcode FROM customers WHERE username='$username' LIMIT 1';
$result = mysql_query($query);
while($row = mysql_fetch_assoc($result))
{
$username = $row['username'];
}
?>

<html>
<table border=1>
<tr>
<th>Username</th><td><input type="text" name="username" value="<?php echo $_SESSION["authenticatedUser"] ?>" /></td>
</tr>

</table>
</html>

 

I have tried using the $_SESSION variable instead of $username and alternated the quotation marks etc but it still has no affect.

 

It would be much appreciated if anyone could help me out.

 

Thanks,

Sam.

[mrMarcus]

Replace your query with:

 

$query = "SELECT firstname, surname, username, password, email, address1, address2, postcode FROM customers WHERE username='". $username ."' LIMIT 1";

[Samza]

Thanks mate! I'm also looking to display the user's password however I have multiple encryption's with a salt on it. Would I have to create a reverse function to display it in the form for them to edit, or should I not show their password for safety?

[mrMarcus]

There is no need to display the password at any time. If a user does not remember their password, you'll need to build a password recovery tool for them.

 

And, assuming you're hashing the password (using md5() or the like), you cannot reverse it. It is a one-way hashing function.