|
PHP - Hash Password Checker - (unexpected T_elseif Error)!
Alright, I have created a hash password checker and here is my code:
include("include.php"); // include the mySQL info! $users = mysql_query(" SELECT * FROM User "); // Select all from the users table in the database! while($row = mysql_fetch_array($users)) // While it fetches the users do the following... { if (hash("sha256", $password) == $row["Password"]) echo "Congratulations! The Hash matches the password entered into the database!"; } elseif (hash("sha256", $password) != $row["Password"]) { echo "Your Hash failed to match the password entered!"; } Now for some reason this displays a totally blank page. When I turn error display on I get the error "Unexpected T_ELSEIF" on this line elseif (hash("sha256", $password) != $row["Password"]) Any help is appreciated... Similar Tutorialsif(mysql_num_rows($query) == 1) { $compny = mysql_query("SELECT * FROM company WHERE value='". $comp ."'"); $company = mysql_result($compny, 0); if(mysql_num_rows($company) == 0) { echo "Company not found"; die(); } $getcompstt = mysql_query("SELECT stat FROM company WHERE value='". $comp ."' LIMIT 1"); $getcompstat = mysql_result($getcompstt, 0); elseif($getcompstat == "3") I can't figure out the problem with my code. This is the error I am receiving... Parse error: syntax error, unexpected T_ELSEIF in /****/****/****/****/****/**** on line 68 This is my code: ----------------------------------------------------------------------------------------------------- Code: [Select] <? include "./includes/config.inc.php"; include $include_path."countries.inc.php"; #// If user is not logged in redirect to login page if(!isset($_SESSION["BPLowbidAuction_LOGGED_IN"])) { Header("Location: user_login.php"); exit; } if($_POST['action'] == "update") { #// Check data if ($_POST['TPL_email']) { if (strlen($_POST['TPL_password'])<6 && strlen($_POST['TPL_password']) > 0) { $TPL_err=1; $TPL_errmsg=$ERR_011; } else if (strlen($_POST['TPL_email'])<5) { $TPL_err=1; $TPL_errmsg=$ERR_110; } elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+([\.][a-z0-9-]+)+$",$_POST['TPL_email'])) { $TPL_err = 1; $TPL_errmsg = $ERR_008; } $nletter=isset($_POST['TPL_nletter']) ? $_POST['TPL_nletter'] :0; $sql="UPDATE BPLA_users SET email=\"". AddSlashes($_POST['TPL_email']) ."\", reg_date=reg_date" ." , nletter=\"". AddSlashes($_POST['TPL_nletter']); if(strlen($_POST['TPL_password']) > 0) { $sql .= "\", password=\"". md5($MD5_PREFIX.AddSlashes($_POST['TPL_password'])); } $sql .= "\" WHERE nick='".$_SESSION['BPLowbidAuction_LOGGED_IN_USERNAME']."'"; $res=mysql_query ($sql); //$query = "select * from BPLA_users where nick='".$_SESSION['BPLowbidAuction_LOGGED_IN_USERNAME']."'"; //$result = @mysql_query($query); //if(!$result) { // MySQLError($query); // exit; //} else { // $USER = mysql_fetch_array($result); // $TPL_nick = $USER['nick']; // $TPL_email = $USER['email'];; // $TPL_nletter = $USER['nletter']; // } //} // #// Redirect user to his/her admin page $TMP_MSG = $MSG_183; $_SESSION["TMP_MSG"]=$TMP_MSG; /*Header("Location: user_menu.php"); exit; include "header.php"; include "templates/template_updated.html"; */ //include "header.php"; //include phpa_include("template_change_details_php.html"); } else { $TPL_err=1; $TPL_errmsg=$ERR_112; elseif(($_POST['action'] != "update" || $TPL_errmsg !=1)) { //#// Retrieve user's data //$query = "select * from BPLA_users where nick='".$_SESSION['BPLowbidAuction_LOGGED_IN_USERNAME']."'"; //$result = @mysql_query($query); //if(!$result) { // MySQLError($query); // exit; //} else { // $USER = mysql_fetch_array($result); // $TPL_nick = $USER['nick']; // $TPL_email = $USER['email']; // $TPL_nletter = $USER['nletter']; //} //echo "111 "; //include "header.php"; //include phpa_include("template_change_details_php.html"); } if($TPL_err==1) { //include "header.php"; //include phpa_include("template_change_details_php.html"); } #// Retrieve user's data $query = "select * from BPLA_users where nick='".$_SESSION['BPLowbidAuction_LOGGED_IN_USERNAME']."'"; $result = @mysql_query($query); if(!$result) { MySQLError($query); exit; } else { $USER = mysql_fetch_array($result); $TPL_nick = $USER['nick']; $TPL_email = $USER['email']; $TPL_nletter = $USER['nletter']; } include "header.php"; include phpa_include("template_change_details_php.html"); include "footer.php"; $TPL_err=0; $TPL_errmsg=""; ?> hello, i am having a problem in my cron file that runs daily, the code posted below at the last block at the elseif ($chance > 2.5) <b>Parse error</b>: syntax error, unexpected T_ELSEIF in <b>/home/content/run_daily.php</b> on line <b>240</b><br /> ... $db = $dbh->prepare("select star_id from {$game}_stars where event_random = '6'"); $db->execute(); $bh_sys = $db->fetchrow_hashref(); if ($bh_sys) { $chance = rand(5); if ($chance < 1) { mysql_query("update {$game}_stars set event_random = 1, metal = '0', fuel='0', star_name = 'BlackHole' where star_id = '$bh_sys->{star_id}'"); mysql_query("insert into {$game}_news (timestamp, headline, login_id) values (".time().",'The <b>SuperNova Remnant</b> in <b class=b1>system $bh_sys->{star_id}</b> has formed into a <b>blackhole</b>. Being a slow process, all ships managed to get out to system #<b>1</b>. We expect no further trouble from that system. <font color=lime>- - - Science Institute of Sol - - -</font>','-11')"); $db = $dbh->prepare("select location,login_id,ship_id,ship_name from {$game}_ships where location = '$bh_sys->{star_id}'"); $db->execute(); while ($ship_bh = $db->fetchrow_hashref()) { mysql_query("update {$game}_ships set location = '1' where ship_id = '$ship_bh->{ship_id}'"); mysql_query("insert into {$game}_messages (timestamp,sender_name,sender_id, login_id, text) values(".time().",'BlackHole','$ship_bh->{login_id}','$ship_bh->{login_id}','Your ship the <b class=b1>$ship_bh->{ship_name}</b> escaped a blackhole forming from a SuperNova Remnant in system #<b>$ship_bh->{location}</b>. It is now in system #<b>1</b>')"); mysql_query("update {$game}_users set location = '1' where location = '$bh_sys->{star_id}'"); print "\nSN remnant in $bh_sys->{star_id} to blackhole\n"; } elseif ($chance > 2.5) { mysql_query("update {$game}_stars set event_random = '14' where star_id = '$bh_sys->{star_id}'"); mysql_query("insert into {$game}_news (timestamp, headline, login_id) values (".time().",'After much study, we have decided that the star in system <b>$bh_sys->{star_id}</b> will <b class=b1>not</b> become a Blackhole, as it was not massive enough. This system will remain a harmless Super-Nova Remnant, with lots of minerals in. <font color=lime>- - - Science Institute of Sol - - -</font>','-11')"); print "\nSN remnant in $bh_sys->{star_id} safe\n"; } } ... Help Syntax error found: unexpected T_ELSEIF on line 23 Code: [Select] <?php require("config.php"); $result = mysql_query("SELECT name, mics, status, date_format(eventStart, '%M %e %Y') as start, date_format(eventFinish, '%M %e %Y') as end FROM events where status='S' or status='A' order BY eventStart"); $sta=$row['status']; { echo "<table rules='rows'> <tr> <th width='50'><font color='yellow' size='1'>MICS</th> <th width='200'><font color='yellow' size='1'>Charity</th> <th width='125'><font color='yellow' size='1'>Start Date</th> <th width='125'><font color='yellow' size='1'>End Date</th> </tr>"; while ($row = mysql_fetch_array($result)) { if ($sta == "A"); { echo "<tr>"; echo "<td><font color='red' size='1'>" . $row['mics'] . "</td>"; echo "<td><font color='red' size='1'>" . $row['name'] . "</td>"; echo "<td><font color='red' size='1'>" . $row['start'] . "</td>"; echo "<td><font color='red' size='1'>" . $row['end'] . "</td>"; echo "</tr>"; } elseif ($sta == "S"); { echo "<tr>"; echo "<td><font color='#ffffff' size='1'>" . $row['mics'] . "</td>"; echo "<td><font color='#ffffff' size='1'>" . $row['name'] . "</td>"; echo "<td><font color='#ffffff' size='1'>" . $row['start'] . "</td>"; echo "<td><font color='#ffffff' size='1'>" . $row['end'] . "</td>"; echo "</tr>"; } } echo "</table>"; } mysql_close($dbh); ?> [code] I don't see it. Thanks I have a login system Username and Password.
My password is encrypted with bcrypt, if it okay to store that bcrypt in a session as $_SESSION["hash"]
To verify that the user is who they say they are?
Or do i only need to do
$_SESSION["username"]
Hi,
Recently I've been trying writing a safe password hash and I wanted to know that if I use an MD5 hash at the end, just so it will be like some short of "packed",so instead of saving a 128 string, I'll use md5 to "pack" it into 32 characters and save up to 96 characters.
I know MD5 isn't safe and all, but the question is, does it lower the security ?
Also, would be happy for feedbacks about my password hash
function hash_($input,$key) {
$op=hash("whirlpool",hash("sha512",$key) . "$" . $input . "$" . hash("sha512",$key));Hi,
I am trying to get this script to execute as an administrator of an online system. If a user has forgotten their password, I enter their username and enter a new password which they can update later. I am not sure why this is not updating the password for the username entered?
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
exit;
}
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$new_password = $confirm_password = "";
$new_password_err = $confirm_password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Validate new password
if(empty(trim($_POST["new_password"]))){
$new_password_err = "Please enter the new password.";
} elseif(strlen(trim($_POST["new_password"])) < 6){
$new_password_err = "Password must have atleast 6 characters.";
} else{
$new_password = trim($_POST["new_password"]);
}
// Validate confirm password
if(empty(trim($_POST["confirm_password"]))){
$confirm_password_err = "Please confirm the password.";
} else{
$confirm_password = trim($_POST["confirm_password"]);
if(empty($new_password_err) && ($new_password != $confirm_password)){
$confirm_password_err = "Password did not match.";
}
}
// Check input errors before updating the database
if(empty($new_password_err) && empty($confirm_password_err)){
// Prepare an update statement
$sql = "UPDATE User_Accounts_ SET password = ? WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_password, $username);
// Set parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT);
$username = $_POST['username'];
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Password updated successfully. Destroy the session, and redirect to login page
session_destroy();
header("location: login.php");
exit();
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Reset Password</title>
<style type="text/css">
body{ font: 14px sans-serif; }
.wrapper{ width: 350px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Reset Password</h2>
<p>Please fill out this form to reset your password.</p>
<p><strong>Username</strong>
<input type="text" name="username" class="form-control">
</p>
<p> </p>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group <?php echo (!empty($new_password_err)) ? 'has-error' : ''; ?>">
<label>New Password</label>
<input type="password" name="new_password" class="form-control" value="<?php echo $new_password; ?>">
<span class="help-block"><?php echo $new_password_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>">
<label>Confirm Password</label>
<input type="password" name="confirm_password" class="form-control">
<span class="help-block"><?php echo $confirm_password_err; ?></span>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<a class="btn btn-link" href="welcome.php">Cancel</a>
</div>
</form>
</div>
</body>
</html>
Hi guys I have a script which i've been playing around with thanks to Spiderwell: http://www.phpfreaks.com/forums/index.php?action=profile;u=35078 I have sort of merged it with another 'member managment' script which is working great. Now i can't seem to correctly create a login page to pass the hashed password using (sha1). Now all i want to do is verify the username and the (hashed) password according to the database and allow the user in. The script i am using to check login works fine without a hashed password in the database. But ideally i'd like to use a hashed form of password. Can somebody show me what change i need to make in this script below in order to pass a sha1 hashed password? I'm guessing it's a really small change from the examples i've seen online, but i just cant seem to get mine to work. :| Your help would be much appreciated. Login Page PHP: Code: [Select] <form name="login" method="post" action="check_login.php3"> <p><strong>Secured Area User Log-in</strong></p> <p>Username: <input name="bioname" type="text" id="bioname"></p> <p>Password: <input name="biopass" type="password" id="biopass"></p> <p> </p> <p><input type="submit" name="Submit" value="Login"></p> </form> Check Login Processor (which is the file i that needs the sha1 added somewhere i think) Code: [Select] <?php require_once('config.php3'); // Connect to the server and select the database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db")or die("Unable to select database"); // $loginusername = false; $loginpassword = false; $err = false; // default error message is empty // The username and password sent from login.php //the isset() basically means if its there get it, otherwise dont bother if (isset($_POST['bioname'])) $loginusername=$_POST['bioname']; if (isset($_POST['biopass']))$loginpassword=$_POST['biopass']; // if either isnt filled in, tell the user, a very basic bit of validation if (!$loginusername || !$loginpassword) $err = "please complete the form"; if (!$err) //if no error continue { //The following bit of coding protects from MySQL injection attacks $loginusername = stripslashes($loginusername); $loginpassword = stripslashes($loginpassword); $loginusername = mysql_real_escape_string($loginusername); $loginpassword = mysql_real_escape_string($loginpassword); //you could add other things like check for text only blah blah $sql="SELECT * FROM $tbl WHERE bioname='$loginusername' and biopass='$loginpassword'"; $result=mysql_query($sql); // Count how many results were pulled from the table $count=mysql_num_rows($result); // If the result equals 1, continue if($count==1) { session_start(); $_SESSION['user'] = $loginusername; // store session data //please see I have used a session variable that is generic not specific, otherwise you will have to make this page different for every user //that would be a pain in the ass, you don't need to have user1 or user2, its the value stored that relevant, not what the variable name is header("Location: {$loginusername}/index.php3"); } else { $err = "Wrong Username or Password"; } }// end login if statement if ($err) // show error message if there is one { echo $err; echo "<br>Please go back in your browser and try again"; } ?> The secure page: Code: [Select] <?php session_start(); $mypath = $_SERVER["REQUEST_URI"]; //echo $mypath; // for debugging //now we have the path lets see if the username is in that path, i.e. test2 is inside /something/test2/index.php //use the built in strpos() function, which returns position of the last occurance of the string you are looking for inside another string. //http://php.net/manual/en/function.strrpos.php if(strpos($mypath,"/".$_SESSION['user']."/"))//on testing it failed initially as username test is found in path /test2/ so i added the slashes to stop that. so /test/ doesnt get found in /test2/ { echo "congratulations you are the right person in the right place"; } else { session_destroy(); //kill the session, naughty person trying to come here header("Location: ../login.php3"); die();// stop page executing any further } ?> <html> <body> </body> </html> Thanks and i look forward to your replies. Hi, I am limbo with this one. What I have makes sense to me, but I know I'm missing something or doing something wrong I have been able to hash passwords with salt by new people registering to my site by doing this: if(!$error) { $alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcedfghijklmnopqrstuvwxyz1234567890"; $rand = str_shuffle($alpha); $salt = substr($rand,0,40); $hashed_password = sha1($salt . $_POST['password']); $query = "INSERT INTO `cysticUsers` ( `FirstName`, `LastName`, `Email`, `Password`, `salt`, `RelationshipToCF`, `State`, `Gender`, `Birthday`, `Status` )VALUES( '" . mysql_real_escape_string($_POST['firstName']) . "', '" . mysql_real_escape_string($_POST['lastName']) . "', '" . mysql_real_escape_string($_POST['email']) . "', '" . $hashed_password . "', '" . $salt . "', '" . mysql_real_escape_string($_POST['RelationToCF']) . "', '" . mysql_real_escape_string($_POST['State']) . "', '" . mysql_real_escape_string($_POST['sex']) . "', '" . mysql_real_escape_string($_POST['DateOfBirth_Year'] . "-" . $_POST['DateOfBirth_Month'] . "-" . $_POST['DateOfBirth_Day']) . "', 'pending' )"; mysql_query($query, $connection); I have been able to to update EXISTING users passwords by doing this: $query = "SELECT * FROM `cysticUsers`"; $request = mysql_query($query,$connection); while($result = mysql_fetch_array($request)) { $alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcedfghijklmnopqrstuvwxyz1234567890"; $rand = str_shuffle($alpha); $salt = substr($rand,0,40); $hashed_password = sha1($salt . $result['Password']); $user = $result['id']; $query2 = "UPDATE `cysticUsers` SET `salt` = '$salt' WHERE `id` = '$user'"; $request2 = mysql_query($query2,$connection) or die(mysql_error()); $query3 = "UPDATE `cysticUsers` SET `encrypted_passwords` = '$hashed_password' WHERE `id` = '$user'"; $request3 = mysql_query($query3,$connection) or die(mysql_error()); } Now, I want to be able to SIGN BACK IN with the existing password and I am failing miserably by doing this: $query = "SELECT `salt`,`id`,`email`,`password` FROM `cysticUsers` WHERE `Email` = '" . $email . "' AND `Password` = '" . $password . "' && `Status` = 'active' LIMIT 1"; $request = mysql_query($query,$connection) or die(mysql_error()); $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); if(@mysql_num_rows($request)) { $row = mysql_fetch_assoc($request); if (sha1($row['salt'] . $_POST['password']) === $row['Password']) { $_SESSION['CLIFE']['AUTH'] = true; $_SESSION['CLIFE']['ID'] = $result['id']; // UPDATE LAST ACTIVITY FOR USER $query = "UPDATE `cysticUsers` SET `LastActivity` = '" . date("Y-m-d") . " " . date("g:i:s") . "' WHERE `id` = '" . mysql_real_escape_string($_SESSION['CLIFE']['ID']) . "' LIMIT 1"; mysql_query($query,$connection); if(!empty($_POST['return'])) { header("Location: " . $_POST['return']); }else{ header("Location: CysticLife-Dashboard.php?id=" . $_SESSION['CLIFE']['ID']); } } }else{ $_SESSION['CLIFE']['AUTH'] = false; $_SESSION['CLIFE']['ID'] = false; } } I've been scouring resources and am stuck on this. I have a deadline to meet that I am behind on. Needless to say I'm pulling my hair out and some help with this would be GREATLY appreciated. Thank you in advance! Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\mywork\unique.php on line 15 <html> <head> <title> </title> </head> <body bgproperties="fixed"> <?php $dbhost = 'localhost'; $dbuser = 'root'; $dbpass = ''; $con = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); $dbname = 'mywork'; mysql_select_db($dbname, $con); $sql=mysql_query(insert into users (regno,name,gender,date,month,year,emailid,cell,paddress,caddress,incometype,incomeamt,dad,fyes,dadocup,mom,myes,momocup,password) VALUES ('$_POST[regno]','$_POST[name]','$_POST[gender]','$_POST[date]','$_POST[month]','$_POST[year]','$_POST[emailid]','$_POST[cell]','$_POST[paddress]','$_POST[caddress]','$_POST[incometype]','$_POST[incomeamt]','$_POST[dad]','$_POST[fyes]','$_POST[dadocup]','$_POST[mom]','$_POST[myes]','$_POST[momocup]','$_POST[password]')"); $sql1=mysql_fetch_array($sql); $result = @mysql_query($SQl1); $result="SELECT * FROM users WHERE regno='$regno'"; while($row = mysql_fetch_array($result)) { //echo $row['regno']."regno<br>"; //echo $row['name']."name<br>"; //echo $row['gender']."gender<br>"; //echo $row['date']."date<br>"; //echo $row['month']."month<br>"; //echo $row['year']."year<br>"; //echo $row['emailid']."emailid<br>"; //echo $row['cell']."cell<br>"; //echo $row['paddress']."paddress<br>"; //echo $row['caddress']."caddress<br>"; //echo $row['incometype']."incometype<br>"; //echo $row['incomeamt']."incomeamt<br>"; //echo $row['dad']."dad<br>"; //echo $row['fyes']."fyes<br>"; //echo $row['dadocup']."dadocup<br>"; //echo $row['mom']."mom<br>"; //echo $row['myes']."myes<br>"; //echo $row['momocup']."momocup<br>"; //echo $row['password']."password<br>"; } echo "Thanks for Register!"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con); ?> <form name="security" action="index.php" method="post"> <input type="submit" value="click here to login"> </form> </body> </html> Code: [Select] <?php mysql_connect ("-","-","-") or die ('Error'); mysql_select_db ("-"); $out = mysql_query("SELECT * FROM guestbook ORDER BY id DESC"); while($row = mysql_fetch_assoc($out); --and this one if that braces is deleted { ----this is where im getting the error $name = $row['name']; $email = $row['email']; $txt = $row['comment']; $msg = "Are you sure you want to delete"; /* @var $_REQUEST <type> */ if (isset($_REQUEST ["action"]) && $_REQUEST["action"] == "del") { $id = intval($_REQUEST['id']); mysql_query("DELETE FROM guestbook WHERE id=$id;"); echo "<action=index.php>"; } echo "<font face='verdana' size='1'>"; echo "<table border='0'> <tr><td>Name: ".$name."</td></tr>"." <tr><td>Email: ".$email."</td></tr> <tr><td colspan='2'>Comment:</td></tr> <tr><td colspan='2' width='500'><b>".$txt."</b></td></tr> <tr><td><a onclick=\"return confirm('.$msg.');\" href='index.php?action=del&id=".$row['id']."'><span class='red'>["."Delete"."]</span></a> </td></tr> </table><br />"; echo "<hr size='1' width='500' align='left'></font>"; } ?> Kindly help me please. When i delete ({) the error will become the ( i dont know what to do already. Thanks. I have been trying to get my files to upload onto a computer and I receive this message: Parse error: syntax error, unexpected T_STRING in /home/content/19/6550319/html/listing.php on line 27. Line 27 is how the php logs into my SQL. The problem is that I was able to log in before. I just made changes to the form by adding a dropdown menu and price and now it says it doesnt parse. Can anyone figure this out. I will include the code without the login information because the forum is public but I did put the words left out for you to see where I took out the passcodes. Code: [Select] <?php //This is the directory where images will be saved $target = "potofiles/"; $target = $target . basename( $_FILES['photo']['name']); //This gets all the other information from the form $price=$_POST['price']; $gig=$_POST['giga']; $yesg=$_POST['yesg']; $pic=($_FILES['photo']['name']); $pic2=($_FILES['phototwo']['name']); $pic3=($_FILES['photothree']['name']); $pic4=($_FILES['photofour']['name']); $description=$_POST['iPadDescription']; $condition=$_POST['condition']; $fname=$_POST['firstName']; $lname=$_POST['lastName']; $email=$_POST['email'] // Connects to your Database mysql_connect ("left out", "left out", "left out") or die(mysql_error()) ; mysql_select_db("left out") or die(mysql_error()) ; //Writes the information to the database mysql_query("INSERT INTO listing (price,giga,yesg,photo,phototwo,photothree,photofour,iPadDescription,condition,firstName,lastName,email) VALUES ('$price', '$gig', '$yesg', '$pic', '$pic2', '$pic3', '$pic4', '$description', '$condition', '$fname', '$lname', '$email')") ; //Writes the photo to the server if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) { //Tells you if its all ok echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory"; } else { //Gives and error if its not echo "Sorry, there was a problem uploading your file."; } echo date("m/d/y : H:i:s", time()) ?>
Hello everyone,
1 <?php
7 // Create connection
10 // Check connection
14 $firstname = $conn->real_escape_string($_REQUEST['firstname']); 25 $sql2 = "INSERT INTO countries VALUES ('$country')"; 27 $sql3 = "INSERT INTO Contacts (firstname, lastname, address, city, country, phone, email) VALUES ('$firstname', '$lastname', '$address', $city, $country, '$phone_number','$email')";
29 SELECT * FROM cities;
if($conn->query($sql2) === true){
if($conn->query($sql3) === true){ Hi folks, I am a complete n00b at php and mysql. I am teaching myself from books and the WWW, but alas I am stuck... the error I get is: Parse error: syntax error, unexpected T_STRING in X:\xampp\htdocs\search.php on line 7 here is the code: <?php mysql_connect ("localhost", "user", "password") or die (mysql_error()); mysql_select_db ("it_homehelp_test") or die (mysql_error()); $term = $_POST['term']; $sql = $mysql_query(select * from it_homehelp_test where ClientName1 like '%term%'); <<<------this is line 7 while ($row = mysql_fetch_array($sql)){ echo 'Client Name:' .$row['ClientName1']; echo 'Address:' .$row['Address1']; echo 'Phone:' .$row['Tel1']; } ?> Any help you can offer would be great. I can also post the ".html" file that creates the search bar if it is needed. Thanks I just enabled error reporting and I am not that familiar with it. I know I have an error some where around line 33. I know I am missing a bracket or a comma or some other syntax error I just cannot find where the error is. Below is my script. Thanks for any help. Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Airline Survey</title> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <meta name="author" content="Revised by abc1234"/> </head> <body> <?php $WaitTime = addslashes($_POST["wait_time"]); $Friendliness = addslashes($_POST["friendliness"]); $Space = addslashes($_POST["space"]); $Comfort = addslashes($_POST["comfort"]); $Cleanliness = addslashes($_POST["cleanliness"]); $Noise = addslashes($_POST["noise"]); if (empty($WaitTime) || empty($Friendliness) || empty($Space) || empty($Comfort) || empty($Cleanliness) || empty($Noise)) echo "<hr /><p>You must enter a value in each field. Click your browser's Back button to return to the form.</p><hr />"; else { $Entry = $WaitTime . "\n"; $Entry .= $Friendliness . "\n"; $Entry .= $Space . "\n"; $Entry .= $Comfort . "\n"; $Entry .= $Cleanliness . "\n"; $Entry .= $Noise . "\n"; $SurveyFile = fopen("survey.txt", "w") } if (flock($SurveyFile, LOCK_EX)) { if (fwrite($SurveyFile, $Entry) > 0) { echo "<p>The entry has been successfully added.</p>"; flock($SurveyFile, LOCK_UN; fclose($SurveyFile); else echo "<p>The entry could not be saved!</p>"; } else echo "<p>The entry could not be saved!</p>"; } ?d> <p><a href="AirlineSurvey.html">Return to Airline Survey</a></p> </body> </html> I don`t get it, waht is wrong?! Code: [Select] <?php require_once 'auth.php'; if (!isset($_SESSION['SESS_VERIFY'])) { header("location: access-denied.php"); exit(); } if ($_SESSION['lang'] == 'Ro') { // setare data romania date_default_timezone_set('Europe/Bucharest'); $today = getdate(); $zi = $today['mday']; $luna = $today['mon']; $lunastring = $today['month']; $an = $today['year']; $data = $zi.$luna.$an; $data = (string)$data; $ora = date('H:i:s'); $msg = array(); $err = array(); $luni = array ( 1=>'Ianuarie', 2=>'Februarie', 3=>'Martie', 4=>'Aprilie', 5=>'Mai', 6=>'Iunie', 7=>'Iulie', 8=>'August', 9=>'Septembrie', 10=>'Octobrie', 11=>'Noiembrie', 12=>'Decembrie'); // comun const SQL_ERR = 'SQL statement failed with error: '; const ADD_MODEL = 'ADAUGA UN MODEL NOU'; . .many constants.. . } elseif ($_SESSION['lang'] == 'It') {... Thank you! SET UP: Windows vista # XAMPP 1.7.3, # Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l # MySQL 5.1.41 + PBXT engine # PHP 5.3.1 # phpMyAdmin After entering various different information from previous forms on different pages I finally get this error message "Parse error: syntax error, unexpected T_STRING in C:\blablah on line 31" on the following code: <?php //let's start our session, so we have access to stored data session_start(); include 'db.inc.php'; $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die ('Unable to connect. Check your connection parameters.'); mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db)); //let's create the query $query = 'INSERT INTO subscriptions (name, email_address, membership_type, terms_and_conditions, name_on_card, credit_card_number, credit_card_expiration_data) VALUES ( "' . $_SESSION[$name, $db] . '", ' . $_SESSION[$email_address, $db] . '", ' . $_SESSION[$membership_type, $db] . '", ' . $_SESSION[$terms_and_conditions, $db] . '", ' . $_POST[$name_on_card, $db] . '", ' . $_POST[$credit_card_number, $db] . '", ' . $_POST[$credit_card_expiration, $db] . ')'; if (isset($query)) { $result = mysql_query($query, $db) or die(mysql_error($db)); } ?> <p>Done!</p> </body> </html> ?> Any help would be appreciated. I'm practicing this with the ambition to develop a multi-page registration using sessions for a website so even web pages that might help me with this aim would be good. |
|||||||