SitePoint Sponsor

User Tag List

Results 1 to 12 of 12
  1. #1
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    find parse error implementing Kevin's scripts

    Kevin's article, "Managing Users with PHP Sessions and MySQL" is the clearest I've seen. I thought I had adapted it to my needs, which are basically just to log users in who already have a username and password, then maintain their sessions. I keep getting the following error when I try the test page. I've spent a couple of hours trying to find the error. Please spot it if you can. (I've used "my..." where I'm hiding my actual directories.)

    Error message:

    Parse error: parse error in /home/myusername/mylib/accesscontrol.php on line 63

    Here's the test page :

    <?php // include("accesscontrol.php"); ?>
    <?php require('/home/myusername/mylib/accesscontrol.php');?>
    <html>
    <head>
    <title> Members-Only Page </title>
    </head>
    <body>
    <p>Welcome, <?=$username?>! You have entered a members-only area of the site. Don't you feel special?</p>
    </body>
    </html>


    Here's my slightly modified version of Kevin's script :

    <?php // accesscontrol.php
    include("common.php");
    include("db.php");
    session_start();

    if(!isset($txtName)) {
    ?>

    <html>
    <head>
    <title> Please Log In for Access </title>
    </head>
    <body>
    <h2> Login Required </h2>
    <p>You must log in to access this area of the site.<p>
    <form method="post" action="<?=$PHP_SELF?>">
    User ID: <input type="text" name="txtName" size="12"><br>
    Password: <input type="password" name="password" SIZE="12"><br>
    <input type="submit" value="Log in">
    </form></p>
    </body>
    </html>

    <?php
    exit;

    session_register("txtName");
    session_register("password");

    dbConnect("my_database");
    $sql = "SELECT * FROM sspass WHERE ss = '$txtName' AND pwd = '$password'";
    $result = mysql_query($sql);
    if (!$result) {
    error("A database error occurred while checking your login details.");
    }

    if (mysql_num_rows($result) == 0) {
    session_unregister("txtName");
    session_unregister("password");
    ?>

    <html>
    <head>
    <title> Access Denied </title>
    </head>
    <body>
    <h2> Access Denied </h2>
    <p>Your user ID or password is not found. To try logging in again, click
    <a href="<?php echo $PHP_SELF; ?>">here</a>.</p>
    </body>
    </html>

    <?php
    exit;
    }

    ?>

  2. #2
    Prolific Blogger silver trophy Technosailor's Avatar
    Join Date
    Jun 2001
    Location
    Before These Crowded Streets
    Posts
    9,446
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    see if this works

    PHP Code:
    <?php 
    exit; 

    session_register("txtName"); 
    session_register("password"); 

    dbConnect("my_database"); 
    $sql "SELECT * FROM sspass WHERE ss = '$txtName' AND pwd = '$password'"
    $result mysql_query($sql); 
    if (!
    $result) { 
    error("A database error occurred while checking your login details."); 


    if (
    mysql_num_rows($result) == 0) { 
    session_unregister("txtName"); 
    session_unregister("password"); 
    }
    ?>
    You'd need the '}' at the end.
    Sketch
    Aaron Brazell
    Technosailor



  3. #3
    Happy Holidays !! Paul S's Avatar
    Join Date
    Mar 2001
    Location
    Mexico
    Posts
    1,287
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Which one is line 63?

  4. #4
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It worked.

    Many, many thanks, Stretch.

  5. #5
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've played with it some more, and it is passing the username to subsequent pages properly, but it's accepting any password. It's supposed to be checking the password against the one stored in the database. Any idea why it's accepting bad passwords?

  6. #6
    Prolific Blogger silver trophy Technosailor's Avatar
    Join Date
    Jun 2001
    Location
    Before These Crowded Streets
    Posts
    9,446
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this might do it:
    PHP Code:
    <form method="post" action="<?=$PHP_SELF;?>">
    I put a semicolon at the end of your PHP statement

    Sketch
    PS...not STRETCH
    Aaron Brazell
    Technosailor



  7. #7
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    A semi-colon will give you an error. Its either

    PHP Code:
    <form method="post" action="<?=$PHP_SELF?>">
    or

    PHP Code:
    <form method="post" action="<? echo $PHP_SELF?>">
    But not both
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  8. #8
    Prolific Blogger silver trophy Technosailor's Avatar
    Join Date
    Jun 2001
    Location
    Before These Crowded Streets
    Posts
    9,446
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was thinking the second statement....
    Sketch
    Aaron Brazell
    Technosailor



  9. #9
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry about the "Stretch," Sketch.

    I probably did something similar to this script I'm trying to get working.

  10. #10
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Back to the original fix: Adding that brace got the page to display properly and use the correct username, but I wonder if it isolated the subsequent HTML from the if statement so that the HTML doesn't execute.

    if (mysql_num_rows($result) == 0) {
    session_unregister("txtName");
    session_unregister("password");
    ?>

    Does adding a closing brace here isolate the html below from the "if" above?

    <html>
    <head>
    <title> Access Denied </title>

    Is there some way to more explicitly force the "Access Denied" page to appear if the login data are wrong?

  11. #11
    SitePoint Member
    Join Date
    Oct 2001
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    problem solved

    Inserting a closing brace after the first "exit;" made the script work perfectly.

    Thank you, Kevin Yank, for by far the best articles on PHP and mySQL I've found anywhere.

  12. #12
    Happy Holidays !! Paul S's Avatar
    Join Date
    Mar 2001
    Location
    Mexico
    Posts
    1,287
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This,
    PHP Code:
    <?php
    if (mysql_num_rows($result) == 0) { 
        
    session_unregister("txtName"); 
        
    session_unregister("password"); 
    ?> 

    <html> 
    <head> 
    <title> Access Denied </title>
     
    <?php ?>
    is exactly the same as
    PHP Code:
    <?php
     
    if (mysql_num_rows($result) == 0) { 
         
    session_unregister("txtName"); 
         
    session_unregister("password");  

         echo 
    '<html> 
           <head> 
           <title> Access Denied </title>'
    ;
     }
    ?>


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •