Jump to content

Help! Parse error: syntax error, unexpected


Go to solution Solved by NotionCommotion,

Recommended Posts

I am using XAMPP and myphpadmin to try to get this login form to work, but whenever I try to execute I get this error:

 

Parse error: syntax error, unexpected '$result' (T_VARIABLE) in C:\xampp\htdocs\project2\reg.php on line 24

 

When I tried to validate the code, I got this:

 

  • PHP Syntax Check: Parse error: syntax error, unexpected '$result' (T_VARIABLE) in your code on line 24
    • $result = mysqli_query($conn, $sql);
  • PHP Syntax Check: Errors parsing your code

 

Here is the code, i made the text blue on line 24.

 

<?php
$cookie_name = "loggedin";
 
$servername = "localhost";
$username = "root";
$password = "";
$database = "pro2";
 
$conn = mysqli_connect($servername, $username, $password, $database);
 
if (!$conn) {
die("Database connection failed: ".mysqli_connect_error());
}
 
if (isset($_POST['login']))
{
$user = $_POST['username'];
$pass = $_POST['password'];
 
$phash = sha1(sha1($pass."salt")."salt"); 
 
$sql = "SELECT * FROM users WHERE username='$user' AND password='$phash';"
 
$result = mysqli_query($conn, $sql);
$count = mysqli_num_rows($result);
 
if ($count == 1)
{
$cookie_value = $user;
setcookie($cookie_name, $cookie_value, time() + (180), "/");
header("Location: personal.php");
}
else 
{
echo "Username or Password is incorrect!";
}
}
else if (isset($_POST['register']))
{
$user = $_POST['username'];
$pass = $_POST['password'];
 
$phash = sha1(sha1($pass."salt")."salt");
 
$sql = "INSERT INTO users (id, username, password) VALUES ('', '$user', '$phash');"
 
$result = mysqli_query($conn, $sql);
}
?>

Take a good, hard look at the line before it. It has a problem. If you don't see it at first, step away from the computer for a bit and come back to it later.

 

Which is not to say the rest of the code is good. It is not. Wherever you learned to do all that, forget everything and try learning anew from a better place.

In case you're not aware, the PHP manual talks about safe password hashing here:

http://php.net/manual/en/faq.passwords.php

 

You'll also want to look into prepared statements to protect yourself from SQL injection attacks. Or, if you need time to wrap your mind around prepared statements, you could use the following function:

http://php.net/manual/en/mysqli.real-escape-string.php

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.