Hi guys, creating a log in script so my users can login to my website.
This is the code so far
[code=php]<!DOCTYPE html>
<html>
<head>
<title>Richard Hemmings </title>
<meta name=”viewpoint” content=”width=device-width, intail-scale=1.0″>
<link href = “css/bootstrap.min.css”rel = “stylesheet”>
<link href = “css/stylesheet.css” rel = “stlesheet”>
</head>
<body>
<div class = “navbar navbar-inverse navbar-static-top”>
<div class = “container”>
<div class = “navbar navbar-default navbar-fixed-bottom”>
<div class = “container”>
<P class = “navbar-text”>Site build and belongs to Richard Hemmings (C) 2015</P>
</div>
</div>
<script src = “http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js”></script><script src = “js/bootstrap/js” ></script>
</body>
</html>
<?php
include(‘inc/header.php’);
require(‘connection_db.php’);
if (isset($_POST[‘submit’])){
$uname = mysql_escape_string($_POST[‘uname’]);
$pass = mysql_escape_string ($_POST[‘pass’]);
$pass = md5 ($pass) ;
$uname = mysql_query(“SELECT * FROM `users` WHERE `uname` = ‘$uname’ AND `pass` = ‘$pass'”);
if(mysql_num_rows($sql) > 0 {
echo “you are now logged in successfully!”;
exit ();
}else{
echo “Wrong Username and password entered please try again”;
}
}else{
echo $form = <<<EOT
<form action”login.php” method=”POST”>
Username: <input type=”text” name =”uname” /><br />
password: <input type=”password” name=”pass” /><br />
<input type=”submit” name=”submit” value=”Log in” />
</form>
EOT;
}
?>
This is the error message that I’m getting at the moment
Parse error: syntax error, unexpected ‘{‘ in C:xampphtdocslogin.php on line 37
Any help would be brilliant sorry again for been a apain
[code=php]
if(mysql_num_rows($sql) > 0 {
[/code]
Not sure if this is line 37, but it's what jumped out at me:
[code=php]
if(mysql_num_rows($sql) > 0 {
[/code]
You left out the closing ")" for the if() condition. (You need another after the one that closes the mysql_num_rows() call)
BTW, the usual public service message: you really should stop using the mysql_*() functions and update things to either use mysql[b]i[/b] or the PDO extension, as the original MySQL extension is now deprecate in PHP (and therefore may no longer be supported in future releases).[/QUOTE]
[code=php]<?php
include('inc/header.php');
require('connection_db.php');
if (isset($_POST['submit'])){
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string ($_POST['pass']);
$pass = md5 ($pass) ;
$uname = mysql_query("SELECT * FROM users
WHERE uname
= '$uname' AND pass
= '$pass'");
if(mysql_num_rows($sql)) > 0 {
echo "you are now logged in successfully!";
exit ();
}else{
echo "Wrong Username and password entered please try again";
}
}else{
echo $form = <<<EOT
<form action"login.php" method="POST">
Username: <input type="text" name ="uname" /><br />
password: <input type="password" name="pass" /><br />
<input type="submit" name="submit" value="Log in" />
</form>
EOT;
}
?>[/code]
I've done what you suggested and this is the code now
I'm now getting the following error message
Parse error: syntax error, unexpected '>' in C:xampphtdocslogin.php on line 39
[/QUOTE]
[code=php]
if(mysql_num_rows($sql)) > 0 {
use the following instead of above
if(mysql_num_rows($sql) > 0 ) {
[/code]
[code=php]
if(mysql_num_rows($sql)) > 0 {
use the following instead of above
if(mysql_num_rows($sql) > 0 ) {
[/code]
[/QUOTE]
[code=php] EOT;
} [/code]
to [code=php]EOT;
} [/code]
try changing[code=php] EOT;
to
} [/code][code=php]EOT;
} [/code]
so that EOT; is sitting with no spaces before it and on a line of its own.[/QUOTE]
[code=php]<!DOCTYPE html>
<html>
<head>
<title>Richard Hemmings </title>
<meta name="viewpoint" content="width=device-width, intail-scale=1.0">
<link href = "css/bootstrap.min.css"rel = "stylesheet">
<link href = "css/stylesheet.css" rel = "stlesheet">
</head>
<body>
<div class = "navbar navbar-inverse navbar-static-top">
<div class = "container">
<div class = "navbar navbar-default navbar-fixed-bottom">
<div class = "container">
<P class = "navbar-text">Site build and belongs to Richard Hemmings (C) 2015</P>
</div>
</div>
<script src = "http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script><script src = "js/bootstrap/js" ></script>
</body>
</html>
<?php
include('inc/header.php');
require('connection_db.php');
if (isset($_POST['submit'])){
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string ($_POST['pass']);
$pass = md5 ($pass) ;
$uname = mysql_query("SELECT * FROM users
WHERE uname
= '$uname' AND pass
= '$pass'");
if(mysql_num_rows($sql) > 0 ) {
echo "you are now logged in successfully!";
exit ();
}else{
echo "Wrong Username and password entered please try again";
}
}else{
echo $form =<<<EOT
//<form action"login.php" method="POST">
Username: <input type="text" name ="uname" /><br />
password: <input type="password" name="pass" /><br />
<input type="submit" name="submit" value="Log in" />
</form>
EOT;
}
?>[/code]
[code=php]
echo $form =<<<EOT
[/code]
[code=php]
}else{
?>
<form action"login.php" method="POST">
Username: <input type="text" name ="uname" /><br />
password: <input type="password" name="pass" /><br />
<input type="submit" name="submit" value="Log in" />
</form>
<?php } ?>
[/code]
[code=php]
echo $form =<<<EOT
[/code]
That line is confusing: do you want to echo out $form, or do you want to assign the following text to $form? Assuming you just want to echo, it's simpler to just get out of PHP mode at that point:
[code=php]
[/QUOTE]
}else{
?>
<form action"login.php" method="POST">
Username: <input type="text" name ="uname" /><br />
password: <input type="password" name="pass" /><br />
<input type="submit" name="submit" value="Log in" />
</form>
<?php } ?>
[/code]
[code=php]echo $form =<<<EOT [/code]
[code=php]echo <<<EOT [/code]
[code=php]$form =<<<EOT [/code]
Now... change[code=php]echo $form =<<<EOT [/code]
to
[code=php]echo <<<EOT [/code]
or
[code=php]$form =<<<EOT [/code]
if you are echoing the string later then the variable would be used.[/QUOTE]
[code=php] $form =<<<EOT[/code]
[code=php]<!DOCTYPE html>
<html>
<head>
<title>Richard Hemmings </title>
<meta name="viewpoint" content="width=device-width, intail-scale=1.0">
<link href = "css/bootstrap.min.css"rel = "stylesheet">
<link href = "css/stylesheet.css" rel = "stlesheet">
</head>
<body>
<div class = "navbar navbar-inverse navbar-static-top">
<div class = "container">
<div class = "navbar navbar-default navbar-fixed-bottom">
<div class = "container">
<P class = "navbar-text">Site build and belongs to Richard Hemmings (C) 2015</P>
</div>
</div>
<script src = "http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script><script src = "js/bootstrap/js" ></script>
</body>
</html>
<?php
include('inc/header.php');
require('connection_db.php');
if (isset($_POST['submit'])){
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string ($_POST['pass']);
$pass = md5 ($pass) ;
$uname = mysql_query("SELECT * FROM users
WHERE uname
= '$uname' AND pass
= '$pass'");
if(mysql_num_rows($sql) > 0 ) {
echo "you are now logged in successfully!";
exit ();
}else{
echo "Wrong Username and password entered please try again";
}
}else{
$form =<<<EOT
<form action"login.php" method="POST">
Username: <input type="text" name ="uname" /><br />
password: <input type="password" name="pass" /><br />
<input type="submit" name="submit" value="Log in" />
</form>
echo EOT;
}
?>[/code]
EOT;
}
EOT;
}
I have also noted some odd behaviour or HEREDOC methods, namely an errant whitespace character on the EOT; line that follows the ; has on occasion had me on a bug hunt.
I would also suggest that you remove any white space characters and also add a further line space between :
EOT;
}
to get
[/QUOTE]
EOT;
}
Hey I have done what you suggested and still getting the following ?
Parse error: syntax error, unexpected end of file, expecting variable (T_VARIABLE) or heredoc end (T_END_HEREDOC) or ${ (T_DOLLAR_OPEN_CURLY_BRACES) or {$ (T_CURLY_OPEN) in C:xampphtdocslogin.php on line 55
I feel like banging my head against a brick wall, I have tried loads of different things now, again thanks so much for the help and support your giving me and to everyone else! Its much appreciated[/QUOTE]
[code=php]$con = mysqli_connect("localhost","username","password","database");
//...
$result = mysqli_query( $con, "SELECT * ... [/code]
[code=php]$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string ($_POST['pass']);
$pass = md5 ($pass) ;
$uname = mysql_query("SELECT * FROM users
WHERE uname
= '$uname' AND pass
= '$pass'");
if(mysql_num_rows($sql) > 0 ) { [/code]
[code=php]// assumed $con = mysqli_connect(...);
$user = filter_var( trim( $_POST['uname'] ), FILTER_SANITIZE_STRING );
$pass = md5( filter_var( trim( $_POST['pass'] ), FILTER_SANITIZE_STRING) );
$qry = sprintf( "SELECT * FROM users
WHERE uname
='%s' AND pass
='%s' LIMIT 1;",
mysqli_escape_string( $con, $user ),
mysqli_escape_string( $con, $pass )
);
// run the query
$result = mysqli_query( $con, $qry );
if( mysqli_affected_rows( $result ) > 0 ) {
...
[/code]
to tidy up what you already have
[code=php]$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string ($_POST['pass']);
$pass = md5 ($pass) ;
$uname = mysql_query("SELECT * FROMusers
WHEREuname
= '$uname' ANDpass
= '$pass'");
if(mysql_num_rows($sql) > 0 ) { [/code]
to
[code=php]// assumed $con = mysqli_connect(...);
[/QUOTE]
$user = filter_var( trim( $_POST['uname'] ), FILTER_SANITIZE_STRING );
$pass = md5( filter_var( trim( $_POST['pass'] ), FILTER_SANITIZE_STRING) );
$qry = sprintf( "SELECT * FROMusers
WHEREuname
='%s' ANDpass
='%s' LIMIT 1;",
mysqli_escape_string( $con, $user ),
mysqli_escape_string( $con, $pass )
);
// run the query
$result = mysqli_query( $con, $qry );
if( mysqli_affected_rows( $result ) > 0 ) {
...
[/code]
[code=php]require('connection_db.php'); [/code]
I will let you know what comes of itI assume that you create a database connection when you include the file.
if your database does not use $con = mysqli_connect( ... then you will encounter problems as myqsl_ and mysqli_ are not interchangeable, so it will pay to swap now as upgrades to web hosts and PHP versions upgrades will see all mysql_ support dropped and you could be left in the dark again and need to convert. So do it now![/QUOTE]
Where do you make your database connection?
You must be using a connection handler of some sorts, if this is only on your development server, you will encounter problems in a real world environment.[/QUOTE]
[code=php]require('connection_db.php');[/code]
[code=php]<?php
mysql_connect ("localhost", "root", "");
mysql_select_db ("tut");
?> [/code]
[code=php] <?php
mysql_connect ("localhost", "root", "");
mysql_select_db ("tut");
?> [/code]
you would [code=php] <?php
$con = mysqli_connect("localhost", "root", "", "tut");
?> [/code]
or if you prefer an OO method [code=php] <?php
$con = new mysqli("localhost", "root", "","tut");
?> [/code]
0.1.9 — BETA 6.2