I am getting a weird error in my login script. While through research i couldn't identify the problem. I am wondering if someone can help me thanks. This is the error message,
Parse error: syntax error, unexpected $end on line 43.
code:
<?php
session_start();
if(!isset($_SESSION["user_id"])){
header("location:../../login.html");
}
?>
<?php
$username = $_POST['txt_username'];
$password = $_POST['txt_password'];
if ($username&&$password){
$connect = mysql_connect("server", "username", "password") or die("No Server Found");
mysql_select_db("databse") or die("No Connection");
$query = mysql_query("SELECT * FROM account WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows !=0){
while ($rows = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username == $dbusername && $password == dbpassword) {
echo "Login Successful. <a href='homepage.html'>Click Here to go to the home page</a>";
$_SESSION['username'] = $dbusername;
} elseif ($username == '' || $password == '') {
die("Please enter a username and password");
} elseif (empty($dbusername)) {
die("This account does not exsist");
} else {
die("Please enter a username and password");
}
}
?>
You need a closing brace on the last line, to close this if statement:
if ($username&&$password){
A decent IDE should have picked this up.
You are missing $ on dbpassword line 28 & need to sanitize $username.
You did not close one of the if statements.
if ($username&&$password){
You are missing an ending closing brace of the top most if condition. Your code should be like this:
<?php
session_start();
if(!isset($_SESSION["user_id"])){
header("location:../../login.html");
}
?>
<?php
$username = $_POST['txt_username'];
$password = $_POST['txt_password'];
if ($username&&$password){
$connect = mysql_connect("server", "username", "password") or die("No Server Found");
mysql_select_db("databse") or die("No Connection");
$query = mysql_query("SELECT * FROM account WHERE username='$username'");
$numrows = mysql_num_rows($query);
if($numrows !=0){
while ($rows = mysql_fetch_assoc($query)){
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
if ($username == $dbusername && $password == dbpassword) {
echo "Login Successful. <a href='homepage.html'>Click Here to go to the home page</a>";
$_SESSION['username'] = $dbusername;
} elseif ($username == '' || $password == '') {
die("Please enter a username and password");
} elseif (empty($dbusername)) {
die("This account does not exsist");
} else {
die("Please enter a username and password");
}
}
}
?>