RedNeckRabbit93 Posted March 19, 2023 Share Posted March 19, 2023 I have spent hours setting this code up along with the other parts of my site only to have a frustrating error keep populating. I have debugged all other errors but this one eludes me. Any chance ya'll could take a look and help me out? I appreciate it. Here is the code: <?php /* I have intentionally removed these details for my own security */ $host=""; $user=""; $password=""; $db=""; mysql_connect($host,$user,$password); mysql_select_db($db); if(isset($_POST['username'])){ $uname=$_POST['username']; $password=$_POST['password']; } $sql="select * from auth where user='.$uname'AND Pass='.$password.' limit 1; $result=mysql_query($sql); /*This if statement is the section that states I have an unexpected $end syntax error */ if(mysql_num_rows($result)==1){ header('Location: pay.php'); exit(); else{ echo 'Username or Password is incorrect! Please try again.'; exit(); } } ?> Quote Link to comment Share on other sites More sharing options...
menator01 Posted March 19, 2023 Share Posted March 19, 2023 From code displayed, you are missing a closing " in $sql="select * from auth where user='.$uname'AND Pass='.$password.' limit 1; and your } in the if statement is in the wrong place Quote Link to comment Share on other sites More sharing options...
dodgeitorelse3 Posted March 19, 2023 Share Posted March 19, 2023 (edited) you are also missing a dot in your where user='.$uname Edited March 19, 2023 by dodgeitorelse3 typo Quote Link to comment Share on other sites More sharing options...
Strider64 Posted March 19, 2023 Share Posted March 19, 2023 Personally I would throw that script into file 13 and use PDO as it is more versatile and it isn't obsolete like mysql is. A good reference on PDO is this https://phpdelusions.net/pdo I would come up with a script something like the following -> <?php // Start the session session_start(); // Connect to the database $dsn = 'mysql:host=localhost;dbname=mydatabase'; $username = 'myusername'; $password = 'mypassword'; $options = array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION ); try { $pdo = new PDO($dsn, $username, $password, $options); } catch (PDOException $e) { die('Database connection failed: ' . $e->getMessage()); } // Check if the login form was submitted if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Retrieve the submitted form data $username = $_POST['username']; $password = $_POST['password']; // Validate the form data if (empty($username) || empty($password)) { echo 'Please enter your username and password.'; exit(); } // Query the database to verify the username and password $sql = "SELECT * FROM users WHERE username = :username LIMIT 1"; $stmt = $pdo->prepare($sql); $stmt->bindParam(':username', $username); $stmt->execute(); $user = $stmt->fetch(); if ($user && password_verify($password, $user['password'])) { // Set session variables to indicate that the user is logged in $_SESSION['loggedin'] = true; $_SESSION['username'] = $user['username']; // Redirect the user to a protected page header('Location: protected.php'); exit(); } else { echo 'Incorrect username or password.'; exit(); } } ?> Just my opinion and I think it would save you a lot of headaches in the long run. Quote Link to comment Share on other sites More sharing options...
RedNeckRabbit93 Posted March 19, 2023 Author Share Posted March 19, 2023 @menator01 Your suggestions helped me find the exact errors I was having trouble with. I appreciate the help. I guess once you spend hours looking at code that you tend to miss things, especially when something should work right and it doesn't. Now the only error I get is Quote Fatal error: Uncaught Error: Call to undefined function mysql_connect() in @dodgeitorelse3 I have no clue how I missed that. I'm glad one of us had a sharp eye. Thank you. @Strider64 I have not taken the time to familiarize myself with PDO though I have heard of it. I never bothered to learn to use it, relying instead on older methods that I was more familiar with. I guess it is time to start evolving with the times and getting myself familiar with newer methods. I will research PDO and see if I can start using it instead. Thank you for the suggestion! Quote Link to comment Share on other sites More sharing options...
ginerjm Posted March 19, 2023 Share Posted March 19, 2023 Definitely switch to PDO and NOT MysqlI The PDO interface is much easier to use . The latter may seem to be the simple choice but there would be much more to learning to use it than simply adding the "I" character to it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.