...

View Full Version : Parse error: syntax error, unexpected T_IF



ycpc55
08-06-2012, 04:52 PM
Hi,
i've been trying to make my login script a little more secure but came across a little problem. I'm getting unexpected T_IF on line 34.
Thanks.


require("db.php");
$submitted_user = '';
$errormessage = '';
if(!empty($_POST))
{
$query = "SELECT id,user,password,salt,actnum FROM users WHERE user = :user";
$query_params = array(
':user' => $_POST['user']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$login_ok = false;
$row = $stmt->fetch();
if($row)
{
$check_password = hash('sha256', $_POST['password'] . $row['salt']);

/////////New Password code added/////////////////////////////
$salt = hash('sha256', $salt);
$hash = hash('sha256', $_POST['password'] . $salt);
for ($i=0; $i<16384; $i++){
$hash = hash('sha256', $hash . $salt);
}
$check_password = $hash
/////////////////////////////////////////////////////////////

if($check_password === $row['password'])
{
$login_ok = true;
}
}
if( !$login_ok ) {
$errormessage = "User ID/password mismatch";
} elseif( $row['actnum'] != '0' ) {
$errormessage = "Account not activated";
} else {
unset($row['salt']);
unset($row['password']);
$_SESSION['user'] = $row;
header("Location: users");
}
}
$submitted_user = htmlentities($_POST['user'], ENT_QUOTES, 'UTF-8');

AndrewGSW
08-06-2012, 05:48 PM
So am I to assume that '0' resolved your previous post..

ycpc55
08-06-2012, 05:54 PM
yes it did sorry i had the message typed out but hit the thank you button sorry about that lol.

AndrewGSW
08-06-2012, 05:54 PM
Answer repeated in correct post:

$check_password = $hash;

PHP statements are semi-colon terminated.

ycpc55
08-07-2012, 03:56 AM
Thanks again that also worked.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum