
I'm encountering an error when creating a multiuser login


Bramdon3000


Error: Parse error: syntax error, unexpected token "else" in C:\Users\brand\OneDrive\Desktop\XAMAPP\htdocs\Water Tower 2000\index.php on line 139

<?php

require_once 'connection.php';

session_start ();

if(isset ($_SESSION["admin_login"]))
{
    header ("location:admin/admin_home.php");
}

if(isset ($_SESSION["parent_login"]))
{
    header ("location:parent/parent_home.php");
}

if(isset ($_SESSION["swimmer_login"]))
{
    header ("location:swimmer/swimmer_home.php");
}

if (isset ($_REQUEST['btn_login'])) {
    $email = $_REQUEST ["txt_email"];
    $password = $_REQUEST ["txt_password"];
    $role = $_REQUEST ["txt_role"];

if(empty($email)){
    $errorMsg[]="please enter your water tower email";
}

else if(empty($password)){
    $errorMsg[]="please enter your water tower email";
}

else if(empty($role)){
    $errorMsg[]="please enter your water tower email";
}

else if($email AND $password AND $role){

try{
$select_stmt=$db->prepare("SELECT email,password,role FROM masterlogin WHERE email=:uemail
AND password=:upassword AND role=:urole");

$select_stmt->bindParam(":uemail",$email);
$select_stmt->bindParam(":upassword",$password);
$select_stmt->bindParam(":urole",$role);
$select_stmt->execute();

while ($row=$select_stmt->fetch(PDO::FETCH_ASSOC)){
    $dbemail =$row["email"];
    $dbpassword =$row["password"];
    $dbrole =$row["role"];
}

if($email!=null AND $password!=null AND $role!=null){

    if($select_stmt->rowCount()>0){

        if ($email==$dbemail AND $password==$dbpassword AND $role==$dbrole){

            switch($dbrole) {

                case "admin":
                 $_SESSION ["admin_login"]=$email;
                 $loginMsg="Admin...Your in Water Tower...";
                 header("refresh:3;admin/admin_home.php");
                 break;

                 case "parent":
                 $_SESSION["parent_login"]=$email;
                 $loginMsg="Parent...Welcome To Water Tower...";
                 header("refresh:3;parent/parent_home.php");
                 break;

                 case "swimmer":
                    $_SESSION ["swimmer_login"]=$email;
                    $loginMsg="Fellow swimmer...Your in Water Tower...";
                    header("refresh:3;swimmer/swimmer_home.php");
                    break;

                    default:
                    $errorMsg[]="Sorry but either the email/password/role is wrong";
                   }
                }

                 else {
                     $errorMsg[]="Sorry but either the email/password/role is wrong";
                 }

                     // a second else on the same if: this is where the parser
                     // reports: unexpected token "else"
                     else {
                        $errorMsg[]="Sorry but either the email/password/role is wrong";
                        }

                    }

                        else{
                            $errorMsg[]="Sorry but either the email/password/role is wrong";
                         }
                    }
                }
               catch (PDOException $e){
                $e->getMessage();
               }
            }
            else {
                $errorMsg[]="Sorry but either the email/password/role is wrong";
            }
        }
  ?>


you easily have 2 times too much typing in that code, and buried somewhere in all that you have a mistake with an else statement. you need to start with the basics and keep it simple.

your login system should only identify who the user is, with one session variable to hold the user_id (autoincrement primary index.) it is also not up to the user to specify their role when logging in. aside from a parent registering their children, the role should be determined completely by data stored only within your system. you should query on each page request to find any other user information, such as a username or user permissions/role.

here's a list of things that will greatly simplify the code and other issues -

  1. every header() redirect needs an exit/die statement after it to stop php code execution.
  2. don't use $_REQUEST. use the correct $_POST, $_GET, or $_COOKIE variable that you expected data in.
  3. don't copy variables to variables for no reason.
  4. you should trim() all input data before validating data.
  5. validating separate inputs is not mutually exclusive, i.e. don't use elseif. validate all separate inputs at once.
  6. after the end of all the validation logic, simply test if the array holding the errors is empty to decide if you are going to use the submitted data.
  7. only put try/catch logic in your code for insert/update queries to handle duplicate or out of range errors. in all other cases there's no point in doing this since the user on your site cannot do anything about a database error.
  8. don't store plain-text passwords. use php's password_hash and password_verify.
  9. simply supply an array of the input values to the PDO execute([...])
  10. specify the default fetch mode when you make the database connection so that you don't need to specify it in each fetch statement.
  11. don't use a loop to fetch data from a query that will at most match one row of data. just directly fetch/test the row of data.
  12. if you were able to fetch a row of data, you know that the conditions in the WHERE clause in the query are true. there's no point in having logic to test these same conditions.
  13. setting regular variables then performing a redirect, does nothing. if you want to display a one-time success message, store it in a session variable, then test, display, and clear this session variable at the appropriate location in the html document.
  14. when conditional 'failure' logic is much shorter than the 'success' logic, invert the condition being tested and put the failure logic first. this will make your code easier to read (which will help avoid the current error.)
  15. the only header() redirect you have inside the post method form processing code should be to the exact same URL of the current page. this will cause a get request for that page. this will prevent the browser from trying to resubmit the form data should the user reload the page or navigate away from and back to that page. if you want the visitor to be able to navigate to other pages, provide navigation links.
  16. you should have a single home/content page. if the current visitor is not logged in, display the non-logged in content. if the current logged in visitor is an administrator, parent, or swimmer, display the appropriate content.
Edited by mac_gyver
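
The advice in the list above, put together as one login handler. This is an added example, not code posted in the thread; the `users` table, its columns and the `flash` session key are assumptions, and `$db` is assumed to be the PDO connection created by connection.php.

```php
<?php
// Added example. Assumed (hypothetical) schema:
//   users(id INT AUTO_INCREMENT PRIMARY KEY, email UNIQUE,
//         password_hash VARCHAR(255), role)
// password_hash holds the output of password_hash($plain, PASSWORD_DEFAULT).
// Assumes $db is a PDO object with ERRMODE_EXCEPTION and
// ATTR_DEFAULT_FETCH_MODE set to PDO::FETCH_ASSOC at connection time.
require_once 'connection.php';
session_start();

$errors = [];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email    = trim($_POST['txt_email'] ?? '');
    $password = $_POST['txt_password'] ?? '';   // left untrimmed: a choice of this example

    // Validate each input independently; no elseif chain.
    if ($email === '')    { $errors['email'] = 'Please enter your email.'; }
    if ($password === '') { $errors['password'] = 'Please enter your password.'; }

    if (!$errors) {
        // The role is never submitted by the user; only the identity is looked up.
        $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE email = ?');
        $stmt->execute([$email]);
        $user = $stmt->fetch();                  // at most one row, so no loop

        // Failure logic first; same message for unknown email and wrong password.
        if (!$user || !password_verify($password, $user['password_hash'])) {
            $errors['login'] = 'The email or password is wrong.';
        } else {
            session_regenerate_id(true);         // fresh session id after login
            $_SESSION['user_id'] = $user['id'];  // the only login state in the session
            $_SESSION['flash']   = 'You are now logged in.';
            header('Location: ' . $_SERVER['SCRIPT_NAME']);  // back to this same page
            exit;                                // stop execution after the redirect
        }
    }
}

// On every request the role comes from the database, not from user input.
$role = null;
if (isset($_SESSION['user_id'])) {
    $stmt = $db->prepare('SELECT role FROM users WHERE id = ?');
    $stmt->execute([$_SESSION['user_id']]);
    $role = $stmt->fetchColumn() ?: null;
}
// The HTML that follows would branch on $role and display $errors and the flash message.
```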