I have code for two pages,I got those from my practise book website but I think they got errors in both Book n website :

Here please check errors and point those coz I am a newbie in PHP:

Here is the code for access_logger.php page:

<?php
require_once ('common_db.inc');
$exclude_dirs = array('/info', '/contact');
$exclude_files = array('index.html', 'info.html', 'register.php');
$user_tablename = 'user';
$access_log_tablename = 'access_log';
$PHP_SELF = $_SERVER['PHP_SELF'];


session_start();
session_register('userid', 'userpassword');
if (!$_SESSION['userid']){
$filepath = dirname($_SERVER['SCRIPT_FILENAME']);
$filename = basename($_SERVER['SCRIPT_FILENAME']);
if($filepath == '') $filepath = '/';

$auth_done = 0;

for($j=0; $j < count($exclude_dirs); $j++) {
if($exclude_dirs[$j] == $filepath) break;
else {
for($i=0; $i< count($exclude_files); $i++) {

if($exclude_files[$i] == $filename) break;

if ($i == (count($exclude_files) - 1)){

do_authentication();
$auth_done = 1;
break;
}
}
}
if($auth_done) break;
}
}
?>


if ($_SESSION['userid'] && $_SESSION['userpassword']){
$userid = $_SESSION['userid'];
$filename = basename($_SERVER['SCRIPT_FILENAME']);
$link_id = db_connect($default_dbname);
$query = "SELECT userid FROM $access_log_tablename
WHERE page = '$filename'
AND userid = '$userid'";
$result = mysql_query($query);

if(!mysql_num_rows($result))

$query = "INSERT INTO $access_log_tablename
VALUES ('$filename', '$userid', 1, NULL)";
else $query = "UPDATE $access_log_tablename
SET visitcount = visitcount + 1, accessdate = NULL
WHERE page = '$filename' AND userid = '$userid'";

mysql_query($query);

$num_rows = mysql_affected_rows($link_id);
if($num_rows != 1) die(sql_error());
}


function do_authentication() {
global $default_dbname, $user_tablename, $access_log_tablename;
global $MYSQL_ERROR, $MYSQL_ERRNO;
global $filename;
global $PHP_SELF;

if(!isset($_POST['userid'])) {
login_form();
exit;
}


else {
$_SESSION['userpassword'] = $_POST['userpassword'];
$_SESSION['userid'] = $_POST['userid']; }
$userid = $_POST['userid'];
$userpassword = $_POST['userpassword'];
$link_id = db_connect($default_dbname);
$query = "SELECT username FROM $user_tablename
WHERE userid = '$userid'
AND userpassword = password('$userpassword')";
$result = mysql_query($query);


if(!mysql_num_rows($result)) {
session_unregister("userid");
echo "Authorization failed. " .
"You must enter a valid userid and password combo. " .
"Click on the following link to try again.<BR>\n";
echo "<A HREF=\"$PHP_SELF\">Login</A><BR>";
echo "If you're not a member yet, click on the " .
"following link to register.<BR>\n";
echo "<A HREF= \"register.php\">Membership</A>";
exit;
}


else {
$query = "SELECT userid FROM $access_log_tablename
WHERE page = '$filename'
AND userid = '$userid'";
$result = mysql_query($query);

if(!mysql_num_rows($result))

$query = "INSERT INTO $access_log_tablename
VALUES ('$filename', '$userid', 1, NULL)";
else $query = "UPDATE $access_log_tablename
SET visitcount = visitcount + 1, accessdate = NULL
WHERE page = '$filename' AND userid = '$userid'";

mysql_query($query);

$num_rows = mysql_affected_rows($link_id);
if($num_rows != 1) die(sql_error());
}
}


------------------------------------------------------------
When I open this page I get this error:


Fatal error: Call to undefined function do_authentication() in \wamp\www\my_app\access_logger.php on line 28

--------------------------------------------------------------
And code for my second page auth_user is :


<?php
include_once "./common_db.inc";
$register_script = "./register.php";



if(!isset($userid)) {
login_form();
exit;


} else {
session_start();
session_register("userid", "userpassword");
$username = auth_user($_POST['userid'], $_POST['userpassword']);



if(!$username) {
$PHP_SELF = $_SERVER['PHP_SELF'];
session_unregister("userid");
session_unregister("userpassword");
echo "Authorization failed. " .
"You must enter a valid userid and password combo. " .
"Click on the following link to try again.<BR>\n";
echo "<A HREF=\"$PHP_SELF\">Login</A><BR>";
echo "If you're not a member yet, click " .
"on the following link to register.<BR>\n";
echo "<A HREF=\"$register_script\">Membership</A>";
exit;
}
else echo "Welcome, $username!";
}



function login_form() {
global $PHP_SELF;
?>
<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<FORM METHOD="POST" ACTION="<?php echo "$PHP_SELF"; ?>">
<DIV ALIGN="CENTER"><CENTER>
<H3>Please log in to access the page you requested.</H3>
<TABLE BORDER="1" WIDTH="200" CELLPADDING="2">
<TR>
<TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>ID</TH>
<TD WIDTH="82%" NOWRAP>
<INPUT TYPE="TEXT" NAME="userid" SIZE="8">
</TD>
</TR>
<TR>
<TH WIDTH="18%" ALIGN="RIGHT" NOWRAP>Password</TH>
<TD WIDTH="82%" NOWRAP>
<INPUT TYPE="PASSWORD" NAME="userpassword" SIZE="8">
</TD>
</TR>
<TR>
<TD WIDTH="100%" COLSPAN="2" ALIGN="CENTER" NOWRAP>
<INPUT TYPE="SUBMIT" VALUE="LOGIN" NAME="Submit">
</TD>
</TR>
</TABLE>
</CENTER></DIV>
</FORM>
</BODY>
</HTML>
<?
}


function auth_user($userid, $userpassword) {
global $default_dbname, $user_tablename;

$link_id = db_connect($default_dbname);


$query = "SELECT username FROM $user_tablename
WHERE userid = '$userid'
AND userpassword = password('$userpassword')";
$result = mysql_query($query);


if(!mysql_num_rows($result)) return 0;
else {
$query_data = mysql_fetch_row($result);
return $query_data[0];
}
}


------------------------------------------------------

And when I run this page I get this error:


Parse error: syntax error, unexpected $end in C:\wamp\www\my_app\auth_user.php on line 93

Fatal error: Call to undefined function do_authentication() in \wamp\www\my_app\access_logger.php on line 28
I think you have missed to include the file which contains the definition of the funcion do_authentication() in to access_logger.php where its being called.

For the second piece of code/error, just the posted code does not produce the error. Therefore, something in the included file is causing a mismatch in opening or closing elements (typically a missing { or }) and is causing the error.

For the first error, the do_authentication() function definition is present in the first file, but there is a closing ?> tag on line 37 that is preventing the php code after that point from being seen by the php parser.

Since you are just learning PHP, here is a critique of the code you found and are attempting to use (we don't want you to pickup too many bad programming habits) -

The include/require file names do not end in .php. The .inc extension will allow anyone to view their contents by simply browsing to them (if someone got or guessed their file name.) So, if they contained something like your database username and password, someone would then know those. All files that contain any code or data that php uses should have a .php extension so that someone cannot see the code or data in the file by simply browsing to it.

The code is dependent on register globals being on. Specifically it is using the depreciated functions - session_register() and session_unregister() - and it appears to be referencing at least one variable that is appearing out of nowhere - $userid. Once you get to the point of executing this code, it probably won't work due to these items. The book/web site where you got this code must be old. Register globals were turned off by default in PHP version 4.2 in the year 2002. No new code, text books, tutorials... written after that time should have relied on register globals being on.

There is no error checking, error reporting, or error recovery logic on any of the mysql_xxxxxxx() function calls. When they fail (and they will when you are learning and at any time in the future when you are developing and debugging code), the code will blindly continue executing and attempt to operate on non-existent data. The program logic for every mysql_xxxxxx() function call needs to check if the function call failed. The coding examples in the php manual for each of the mysql_xxxxx() functions contains typical error checking logic.

The functions were written passing all data to them by using the GLOBAL keyword instead of as parameters in the function call. This makes the function non-modular, which defeats the purpose of putting the code into a function, it might as well be copy/pasted each place it gets used. Except in rare cases, all data that a function uses should be passed as parameters in the function call. Some of the data that is being passed using the GLOBAL keyword is already based on global arrays and could have been accessed directly, specifically the references to $_SERVER['PHP_SELF']