4 Replies - 313 Views - Last Post: 16 July 2013 - 05:18 PM Rate Topic: -----

#1 adamstenner  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 2
  • Joined: 16-July 13

syntax error, unexpected '$password'

Posted 16 July 2013 - 05:07 PM

<?php
session_start();
include "../includes/database.php";
?>
<?php
$username = mysqli_real_escape_string($con, $_POST['username']); //prevent SQL 
injection
$password = mysqli_real_escape_string($con, $_POST['password']);
$password = hash('sha256', $password);
$sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$result = mysqli_query($con, $sql) or die(mysqli_error($con)); //run the query
$row = mysqli_fetch_array($result); //create a variable called '$row' to store the 
results
$count=mysqli_num_rows($result); //count the number of rows returned by the query
if($count==1) //if the number of matching records equals 1
{
$_SESSION['login'] = $row['firstName']; //initialise a session called 'login' 
to have a value of 'firstName'
header('location:session1.php'); // redirect to session 1
}
else
{
$_SESSION['loginerror'] = "Incorrect Username or Password. Please try again.";
//if an error occurs initialise a session called 'loginerror' to have a value of the 
error msg
header('location:index.php'); //redirect to index.php
}
mysqli_close($con); //close the database connection
?>


Parse error: syntax error, unexpected '$password' (T_VARIABLE) in D:\xampp\htdocs\minisite_adamStenner\pages\login-process.php on line 8

can anyone help me with this?

This post has been edited by andrewsw: 16 July 2013 - 05:16 PM
Reason for edit:: Please use CODE tags


Is This A Good Question/Topic? 0
  • +

Replies To: syntax error, unexpected '$password'

#2 Kruithne  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: 99
  • View blog
  • Posts: 442
  • Joined: 28-July 09

Re: syntax error, unexpected '$password'

Posted 16 July 2013 - 05:15 PM

Simple error, you have the word injection just sat on your 7th line. Comments dictated by a double-slash do not span across multiple lines so it is not part of the //prevent SQL comment.

For future help requests, please put your code between code tags!

This post has been edited by Kruithne: 16 July 2013 - 05:15 PM

Was This Post Helpful? 0
  • +
  • -

#3 lukasz_ltt  Icon User is offline

  • New D.I.C Head

Reputation: 18
  • View blog
  • Posts: 29
  • Joined: 12-October 12

Re: syntax error, unexpected '$password'

Posted 16 July 2013 - 05:16 PM

You have error in your comment, there shouldn't be line break after SQL

WRONG:

$username = mysqli_real_escape_string($con, $_POST['username']); //prevent SQL
injection



GOOD:
$username = mysqli_real_escape_string($con, $_POST['username']); //prevent SQL injection



In other lines you have same error and put your code next time between brackets next time, it easier to read it.

This post has been edited by lukasz_ltt: 16 July 2013 - 05:17 PM

Was This Post Helpful? 0
  • +
  • -

#4 andrewsw  Icon User is offline

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3243
  • View blog
  • Posts: 10,882
  • Joined: 12-December 12

Re: syntax error, unexpected '$password'

Posted 16 July 2013 - 05:18 PM

Please in future use a sensible title for your question.
Was This Post Helpful? 0
  • +
  • -

#5 adamstenner  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 2
  • Joined: 16-July 13

Re: syntax error, unexpected '$password'

Posted 16 July 2013 - 05:18 PM

thank you
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1