Jump to content

Recommended Posts

I have spent hours setting this code up along with the other parts of my site only to have a frustrating error keep populating. I have debugged all other errors but this one eludes me. Any chance ya'll could take a look and help me out? I appreciate it. Here is the code:

 

<?php 

/* I have intentionally removed these details for my own security */

$host="";
$user="";
$password="";
$db="";

mysql_connect($host,$user,$password);
mysql_select_db($db);

if(isset($_POST['username'])){
	$uname=$_POST['username'];
	$password=$_POST['password'];
	
}
	$sql="select * from auth where user='.$uname'AND Pass='.$password.' limit 1;
	
	$result=mysql_query($sql);
	
/*This if statement is the section that states I have an unexpected $end syntax error */
	if(mysql_num_rows($result)==1){
	header('Location: pay.php');
	exit();
	
	else{
		echo 'Username or Password is incorrect! Please try again.';
		exit();
	}
}

?>

 

Link to comment
https://forums.phpfreaks.com/topic/316018-syntax-error-unexepected-end/
Share on other sites

Personally I would throw that script into file 13 and use PDO as it is more versatile and it isn't obsolete like mysql is.

A good reference on PDO is this https://phpdelusions.net/pdo

I would come up with a script something like the following ->

<?php
// Start the session
session_start();

// Connect to the database
$dsn = 'mysql:host=localhost;dbname=mydatabase';
$username = 'myusername';
$password = 'mypassword';
$options = array(
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
);
try {
    $pdo = new PDO($dsn, $username, $password, $options);
} catch (PDOException $e) {
    die('Database connection failed: ' . $e->getMessage());
}

// Check if the login form was submitted
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  // Retrieve the submitted form data
  $username = $_POST['username'];
  $password = $_POST['password'];
  
  // Validate the form data
  if (empty($username) || empty($password)) {
    echo 'Please enter your username and password.';
    exit();
  }
  
  // Query the database to verify the username and password
  $sql = "SELECT * FROM users WHERE username = :username LIMIT 1";
  $stmt = $pdo->prepare($sql);
  $stmt->bindParam(':username', $username);
  $stmt->execute();
  $user = $stmt->fetch();
  
  if ($user && password_verify($password, $user['password'])) {
    // Set session variables to indicate that the user is logged in
    $_SESSION['loggedin'] = true;
    $_SESSION['username'] = $user['username'];
    
    // Redirect the user to a protected page
    header('Location: protected.php');
    exit();
  } else {
    echo 'Incorrect username or password.';
    exit();
  }
}
?>

Just my opinion and I think it would save you a lot of headaches in the long run.

@menator01 Your suggestions helped me find the exact errors I was having trouble with. I appreciate the help. I guess once you spend hours looking at code that you tend to miss things, especially when something should work right and it doesn't. Now the only error I get is 

Quote

Fatal error: Uncaught Error: Call to undefined function mysql_connect() in 

@dodgeitorelse3 I have no clue how I missed that. I'm glad one of us had a sharp eye. Thank you.

 

@Strider64 I have not taken the time to familiarize myself with PDO though I have heard of it. I never bothered to learn to use it, relying instead on older methods that I was more familiar with. I guess it is time to start evolving with the times and getting myself familiar with newer methods. I will research PDO and see if I can start using it instead. Thank you for the suggestion! 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.