Jump to content

Parse error, unexpected end of file. Cant find the problem, need assistance.

tougeman

By tougeman
in PHP Coding Help

 Share

Recommended Posts

tougeman Newbie

tougeman

Posted
Posted

i built a basic payroll program for a school project and i was told to implement a failed login attempt counter in my login page. long story short i decided to go the route of using cookies out of simplicity and when adding the code, i keep getting parse errors. i cant seem to find where the issue is? can any pro give me a hand? thank you in advance!

 

this is the exact error i get:Parse error: syntax error, unexpected end of file in C:\xampp\htdocs\payrollsystem\pages\login.php on line 197

<?php
session_start();
if(isset($_SESSION['employee'])){
    Header("Location: ../user/index.php");
} else if (isset($_SESSION['admin'])) {
    Header("Location: ../admin/index.php");
}

include '../includes/connect.inc.php';

if(isset($_POST['btn-login'])) {
    unset($msg);
    
    $userid = strip_tags($_POST['userid']);
    $pass = strip_tags($_POST['pass']);

    $userid = $mysqli->real_escape_string($userid);
    $pass = $mysqli->real_escape_string($pass);

    $query = "SELECT * FROM admin_db WHERE ID='".$userid."'";
    $result = $mysqli->query($query);
    $row = $result->fetch_array();

    $count = $result->num_rows; // if email/password are correct returns must be 1 row
 
 if ($pass == $row['pass'] && $count==1) {
     
    $_SESSION['admin'] = $row['ID'];
    $_SESSION['logintime'] = time();
    header("Location: ../admin/index.php");

    } else {
        
        $query = "SELECT * FROM employee_db WHERE ID='".$userid."'";
        $result = $mysqli->query($query);
        $row = $result->fetch_array();

        $count = $result->num_rows; // if email/password are correct returns must be 1 row
        
        if ($pass == $row['pass'] && $count==1) {
     
            $_SESSION['employee'] = $row['ID'];
            $_SESSION['logintime'] = time();
            header("Location: ../user/index.php");

            } else {
                $query = "SELECT * FROM supervisor_db WHERE ID='".$userid."'";
                $result = $mysqli->query($query);
                $row = $result->fetch_array();

                $count = $result->num_rows; // if email/password are correct returns must be 1 row

                if ($pass == $row['pass'] && $count==1) {

                    $_SESSION['supervisor'] = $row['ID'];
                    header("Location: ../timer/timer.php");
                    
                    } else {
                     $msg = "<br><b>Invalid Username or Password !</b><br>";
                    }
            }
        

if(!$result) {
      echo "The query failed " . mysql_error();
    } else {
      // If the row vairble does not equal the pass variable then an error occurs.
      $row = mysql_fetch_object($result);
        if($row->password != $pass) {
          if(isset($_COOKIE['login'])){
            if($_COOKIE['login'] < 3){
              $attempts = $_COOKIE['login'] + 1;
              setcookie('login', $attempts, time()+60*10); //set the cookie for 10 minutes with the number of attempts stored
              echo "I'm sorry, but your username and password don't match. Please go back and enter the correct login details. You Click <a href=\"login.php\">here</a> to try again.";
            } else{
              echo 'You\'ve had your 3 failed attempts at logging in and now are banned for 10 minutes. Try again later!';
            }
          } else {
            setcookie('login', 1, time()+60*10); //set the cookie for 10 minutes with the initial value of 1
          }
          } else{


 $mysqli->close();
 }
}
    



?>
<html>
<head>
   
  <?php
  $pageTitle = "Employee | Home";
  include '../includes/header.inc.php';
  ?>
    <link rel="stylesheet" type="text/css" href="../dist/css/loginstyle.css"/>
</head>

<body class="hold-transition skin-blue sidebar-collapse">
<div class="wrapper">

  <!-- Main Header -->
  <header class="main-header">

    <!-- Logo -->
    <a href="#" class="logo">
      <!-- mini logo for sidebar mini 50x50 pixels -->
      <span class="logo-mini"><b>A</b>LT</span>
      <!-- logo for regular state and mobile devices -->
      <span class="logo-lg"><b>OB-GYN</b>clinics</span>
    </a>

    <!-- Header Navbar -->
    <nav class="navbar navbar-static-top" role="navigation">
   
      <!-- Navbar Right Menu -->
      <div class="navbar-custom-menu">
        <ul class="nav navbar-nav">
    
          <!-- Control Sidebar Toggle Button -->
          <li>
             <!-- <a href="#" data-toggle="control-sidebar"> <i class="fa fa-gears"></i></a>
          </li>-->
        </ul>
      </div>
    </nav>
  </header>
  <!-- Left side column. contains the logo and sidebar -->
  <aside class="main-sidebar">

    <!-- sidebar: style can be found in sidebar.less -->
    <section class="sidebar">

      <!-- /.sidebar-menu -->
    </section>
    <!-- /.sidebar -->
  </aside>

  <!-- Content Wrapper. Contains page content -->
  <div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
     
    
    </section>

    <!-- Main content -->
    <section class="content">

    <div class="login-container">
        <div class="login">
              <h1 class="login-heading" align="center">
                  <strong>User Login Portal</strong> </h1>
                  
                  	
            <form method="POST" action="login.php">
                <input type="text" name="userid" placeholder=" Employee ID Number" required="required" class="input-txt" />
                <input type="password" name="pass" placeholder=" Password" required="required" class="input-txt" />
                <div class="login-footer">
                  <input type="submit" class="btn btn--right" name="btn-login" align="center" Value="Login">
                </div>
                <?php
                if(isset($msg)){ echo $msg; }
                ?>
            </form>
        </div>
</div>

    </section>
    <!-- /.content -->
  </div>
  <!-- /.content-wrapper -->

  <?php
    include '../views/footer.php';
  ?>

  <!-- Control Sidebar -->
  <aside class="control-sidebar control-sidebar-dark">
    
  </aside>
  <!-- /.control-sidebar -->
  <!-- Add the sidebar's background. This div must be placed
       immediately after the control sidebar -->
  <div class="control-sidebar-bg"></div>
</div>
<!-- ./wrapper -->

<?php include '../includes/script.inc.php'; ?>
<script src="../dist/js/loginscript.js"></script>

</body>
</html>
Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted (edited)

You have an opening brace in line 11 which is never closed. To avoid this kind of error, you should use consistent formatting.

 

Note that a cookie-based check is entirely useless, because the user can just delete the cookie. In fact, an automated attack script won't even accept your cookies. Why should it do you that favor?

 

The check also seems logically flawed. You first let the user log in regardless of the counter. And then you check whether the user is allowed to logged in -- but that's already too late.

Edited by Jacques1
Link to comment
Share on other sites
tougeman Newbie

tougeman

Posted
  • Author
Posted (edited)

You have an opening brace in line 11 which is never closed. To avoid this kind of error, you should use consistent formatting.

 

Note that a cookie-based check is entirely useless, because the user can just delete the cookie. In fact, an automated attack script won't even accept your cookies. Why should it do you that favor?

 

The check also seems logically flawed. You first let the user log in regardless of the counter. And then you check whether the user is allowed to logged in -- but that's already too late.

i notice the logic flaw and since corrected it. I know cookies are useless but i need a quick implementation to satisfy our teachers request for login attempts since it is only a school project. we where given 1 day for corrections and i am not the original developer, a group member is. i updated the code on my above post and its kinda functional. still get a few more errors. have a look.

 

new errors

Warning: mysql_fetch_row() expects parameter 1 to be resource, object given in C:\xampp\htdocs\payrollsystem\pages\login.php on line 30

 

Notice: Trying to get property of non-object in C:\xampp\htdocs\payrollsystem\pages\login.php on line 31

<?php
session_start();
if(isset($_SESSION['employee'])){
    Header("Location: ../user/index.php");
} else if (isset($_SESSION['admin'])) {
    Header("Location: ../admin/index.php");
}

include '../includes/connect.inc.php';

if(isset($_POST['btn-login'])) {
    unset($msg);
    
    $userid = strip_tags($_POST['userid']);
    $pass = strip_tags($_POST['pass']);

    $userid = $mysqli->real_escape_string($userid);
    $pass = $mysqli->real_escape_string($pass);

    $query = "SELECT * FROM admin_db WHERE ID='".$userid."'";
    $result = $mysqli->query($query);
    $row = $result->fetch_array();

    $count = $result->num_rows; // if email/password are correct returns must be 1 row
 
    if(!$result) {
      echo "The query failed " . mysql_error();
    } else {
      // If the row vairble does not equal the pass variable then an error occurs.
       $row = mysql_fetch_row($result); 
        if($row->password != $pass) {
          if(isset($_COOKIE['login'])){
            if($_COOKIE['login'] < 3){
              $attempts = $_COOKIE['login'] + 1;
              setcookie('login', $attempts, time()+60*10); //set the cookie for 10 minutes with the number of attempts stored
             
              echo "I'm sorry, but your username and password don't match. Please try again.";
            
            } else{
              echo 'You\'ve had your 3 failed attempts at logging in and now are banned for 10 minutes. Try again later!';
            }
          } else {
            setcookie('login', 1, time()+60*10); //set the cookie for 10 minutes with the initial value of 1
          }
          } else{





 if ($pass == $row['pass'] && $count==1) {
     
    $_SESSION['admin'] = $row['ID'];
    $_SESSION['logintime'] = time();
    header("Location: ../admin/index.php");

    } else {
        
        $query = "SELECT * FROM employee_db WHERE ID='".$userid."'";
        $result = $mysqli->query($query);
        $row = $result->fetch_array();

        $count = $result->num_rows; // if email/password are correct returns must be 1 row
        
        if ($pass == $row['pass'] && $count==1) {
     
            $_SESSION['employee'] = $row['ID'];
            $_SESSION['logintime'] = time();
            header("Location: ../user/index.php");

            } else {
                $query = "SELECT * FROM supervisor_db WHERE ID='".$userid."'";
                $result = $mysqli->query($query);
                $row = $result->fetch_array();

                $count = $result->num_rows; // if email/password are correct returns must be 1 row

                if ($pass == $row['pass'] && $count==1) {

                    $_SESSION['supervisor'] = $row['ID'];
                    header("Location: ../timer/timer.php");
                    
                    } else {
                     $msg = "<br><b>Invalid Username or Password !</b><br>";
                    }
            }
        }
      }



 $mysqli->close();
 }
}
    



?>
<html>
<head>
   
  <?php
  $pageTitle = "Employee | Home";
  include '../includes/header.inc.php';
  ?>
    <link rel="stylesheet" type="text/css" href="../dist/css/loginstyle.css"/>
</head>

<body class="hold-transition skin-blue sidebar-collapse">
<div class="wrapper">

  <!-- Main Header -->
  <header class="main-header">

    <!-- Logo -->
    <a href="#" class="logo">
      <!-- mini logo for sidebar mini 50x50 pixels -->
      <span class="logo-mini"><b>A</b>LT</span>
      <!-- logo for regular state and mobile devices -->
      <span class="logo-lg"><b>OB-GYN</b>clinics</span>
    </a>

    <!-- Header Navbar -->
    <nav class="navbar navbar-static-top" role="navigation">
   
      <!-- Navbar Right Menu -->
      <div class="navbar-custom-menu">
        <ul class="nav navbar-nav">
    
          <!-- Control Sidebar Toggle Button -->
          <li>
             <!-- <a href="#" data-toggle="control-sidebar"> <i class="fa fa-gears"></i></a>
          </li>-->
        </ul>
      </div>
    </nav>
  </header>
  <!-- Left side column. contains the logo and sidebar -->
  <aside class="main-sidebar">

    <!-- sidebar: style can be found in sidebar.less -->
    <section class="sidebar">

      <!-- /.sidebar-menu -->
    </section>
    <!-- /.sidebar -->
  </aside>

  <!-- Content Wrapper. Contains page content -->
  <div class="content-wrapper">
    <!-- Content Header (Page header) -->
    <section class="content-header">
     
    
    </section>

    <!-- Main content -->
    <section class="content">

    <div class="login-container">
        <div class="login">
              <h1 class="login-heading" align="center">
                  <strong>User Login Portal</strong> </h1>
                  
                  	
            <form method="POST" action="login.php">
                <input type="text" name="userid" placeholder=" Employee ID Number" required="required" class="input-txt" />
                <input type="password" name="pass" placeholder=" Password" required="required" class="input-txt" />
                <div class="login-footer">
                  <input type="submit" class="btn btn--right" name="btn-login" align="center" Value="Login">
                </div>
                <?php
                if(isset($msg)){ echo $msg; }
                ?>
            </form>
        </div>
</div>

    </section>
    <!-- /.content -->
  </div>
  <!-- /.content-wrapper -->

  <?php
    include '../views/footer.php';
  ?>

  <!-- Control Sidebar -->
  <aside class="control-sidebar control-sidebar-dark">
    
  </aside>
  <!-- /.control-sidebar -->
  <!-- Add the sidebar's background. This div must be placed
       immediately after the control sidebar -->
  <div class="control-sidebar-bg"></div>
</div>
<!-- ./wrapper -->

<?php include '../includes/script.inc.php'; ?>
<script src="../dist/js/loginscript.js"></script>

</body>
</html>
Edited by tougeman
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.