Not sure how to fix PHP error -
i have created php script , keep on getting "wsod". have turned on error reporting not appear working. decided run script through online php checker , gave me error: "parse error: syntax error, unexpected 'index' (t_string) in code on line 6". not sure how solve , hoping able me.
<?php if ($username && $userid) { echo "you logged in <b>$username</b>."; } else { $form = "<form action="index.php" method="post"> <table> <tr> <td>username:</td> <td><input type="text" name="username"/></td> </tr> <tr> <td>password:</td> <td><input type="password" name="password"/></td> </tr> <tr> <td><input type="submit" name="loginbutton" value="login"/></td> </tr> <tr> <td><a href="register.php">register</a><a href="forgotpass.php">forgot password?</a></td> </tr> </table> </form>"; if ($_post['loginbutton']) { $user = $_post['username']; $password = $_post['password']; if ($username) { if ($password) { require("connect.php"); $password = md5 (md5("fkjhrfcdsj".$password."rehfkjrfd")); $query = mysql_query("select * members username ='$username'"); $numrows = mysql_num_rows($query); if ($numrows == 1) { $row = mysql_fetch_assoc($query); $dbid = $row ['id']; $dbuser = $row['username']; $dbpass = $row['password']; $dbactive = $row['active']; if ($password == $dbpass) { if ($dbactive == 1) { $_session['userid'] = $dbid; $_session['username'] = $dbuser; echo "you have been logged in <b>$dbuser</b>."} else echo "please activate account login. $form"; } else echo "you did not enter correct password. $form"; } else echo "the username entered not found. $form"; mysql_close(); } else echo "you must enter password. $form"; } else echo "you muse enter username. $form"; } else echo "$form"; } ?>
you have
$form = "<form action="index.php" method="post"> convert to
$form = "<form action=\"index.php\" method=\"post\"> this because you're wanting include html double quotes inside php double quote breaking php string creation. escaping slashes resolve issue.
you this
$form = '<form action="index.php" method="post">' and use single quotes define php string stops injecting variables later on without first breaking out of string.
so using php double quotes do
$form = "<form action=\"$anotherphpvarhere\" method=\"$phpvarhere\">" however using single quotes you'd have this
$form = '<form action="'.$anotherphpvarhere.'" method="'.$phpvarhere.'">'
Comments
Post a Comment