Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7

Thread: Login script 2

  1. #1
    Regular Coder
    Join Date
    Nov 2007
    Posts
    680
    Thanks
    319
    Thanked 1 Time in 1 Post

    Login script 2

    I don't see a problem in the code :/

    Error:
    Code:
    Parse error: syntax error, unexpected '{', expecting '(' in /home/a9012858/public_html/admin/scripts/check_login.php  on line 29
    PHP:
    PHP Code:
    <?php
    session_start
    ();

    //Database connection
    $dbhost "hostname";
    $dbuser "username"//Database username goes here
    $dbpass "password"//Database password goes here
    $dbname "databasename"//Database name

    //Connect to database and set status variable for later use
    $con mysql_connect($dbhost$dbuser$dbpass);
    if (!
    $con) {
        
    $mess "Error connecting to database! Error: ".mysql_error(); // Error connection to mysql database
        
    header("Location:../login.php?mess=$mess");
    }

    $uname$_POST['username'];
    $pwordmd5($_POST['password']);
    $remMe$_POST['rememberme'];

    if (
    $uname == "" || $uname == NULL) { 
        
    $mess "Please enter your username!"// No username has been entered
        
    header("Location:../login.php?mess=$mess");
        } 
        
        elseif (
    $upass == "" || $upass == NULL) {
            
    $mess "Please enter your password!"//No password has been entered
            
    header("Location:../login.php?mess=$mess");
            } 
    //LINE 29 IS HERE BY THE WAY ##############################################################
            
            
    elseif    {
            
    //Tests have been passed
            
    mysql_select_db($dbname$con);
            
    $query=mysql_query("SELECT * FROM users");
            
            
    //Check if username and password matchs
            
    while ($row=mysql_fetch_array($query)) {
                
    $username=$row['username'];
                
    $password=$row['password'];
                
                if (
    $uname == $username && $pword == $password) {
                
    // Username and password matches, make session variables
                    
    $_SESSION['username']=$uname;
                    
    $_SESSION['password']=md5($pword);
                    
                    
    //Check is remember password has been set
                    
    if ($remMe==1) {
                        
    //Create cookies
                        
    setcookie("user""$uname".md5($pword), time()+0*0*0*7); //Should set the cookie to expire in a week
                    
    }
                    
    //Now redirect to main page
                    
    $mess "Login successfull!";
                    
    header("Location:../index.php?mess=$mess")
                }
            } 
    //END While
        
    }
    ?>
    Last edited by martynball; 03-14-2010 at 03:38 AM.

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    The error is on this line:

    PHP Code:
            elseif    { 
    You need a condition on that "if" statement.

    PHP Code:
            elseif ($mamma != "ho")    { 

  • #3
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Also from reading it, it appears you meant to use ELSE instead of ELSEIF.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #4
    Regular Coder
    Join Date
    Nov 2007
    Posts
    680
    Thanks
    319
    Thanked 1 Time in 1 Post
    Yup lol, I can see now. Should be else cheers

  • #5
    Regular Coder
    Join Date
    Nov 2007
    Posts
    680
    Thanks
    319
    Thanked 1 Time in 1 Post
    Same script, new problem.

    The $pword and $password do not match although they are the same word... the $password is saved in the database as a md5 hash key.
    The $pword is the password value from the form which is converted to a md5 hash key for comparison...

    But for some reason it is saying that they do not match...

    PHP Code:
    <?php
    session_start
    ();
    include 
    "connect.php";

    //Checks for error in connecting to database
    if (!$con) {
        
    $mess "Error connecting to database! Error: ".mysql_error(); // Error connection to mysql database
        
    header("Location:../login.php?mess=$mess");
    }

    $uname$_POST['username'];
    $pword$_POST['password'];
    $remMe$_POST['rememberme'];

    if (
    $uname == "" || $pword == "") { 
        
    $mess "Required fields not completed!"// No username has been entered
        
    header("Location:../login.php?mess=$mess");

        elseif (isset(
    $_SESSION['username']) && isset($_SESSION['password'])) {
                
    $mess "You are already logged in!";
                
    header("Location:../index.php?mess=$mess");
        }    else    {
            
    //Tests have been passed
            
    mysql_select_db($dbname$con);
            
    $query=mysql_query("SELECT * FROM users");
             
                if (!
    $query) { 
                    
    $mess "Unable to login! (Technical error)";
                    
    header("Location:../login.php?mess=$mess");
                }
             
            
    //Check if username and password matchs
            
    while ($row=mysql_fetch_array($query)) {
                
    $username=$row['username'];
                
    $password=$row['password'];
                
                if (
    $uname == $username && md5($pword) == $password) {
                
    // Username and password matches, make session variables
                    
    $_SESSION['username']=$uname;
                    
    $_SESSION['password']=md5($pword);
                    
                    
    //Check is remember password has been set
                    
    if ($remMe==1) {
                        
    //Create cookies
                        
    setcookie("user""$uname".md5($pword), time()+0*0*0*7); 
                    }
                    
    //Now redirect to main page 
                    
    $mess "Login successfull!";
                    
    header("Location:../index.php?mess=$mess");
                } elseif (
    $uname != $username && md5($pword) != $password) {
                    
    $mess "Invalid username or password! You entered: ".$uname.", ".md5($pword); //Invalid login
                    
    header("Location:../login.php?mess=$mess");
                }
            } 
    //END While 
        

         
    ?>

  • #6
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Echo them both side-by-side.

  • #7
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    that querys quite inefficient

    if you had thousands of users you'd be returning a huge recordset for a simple comparison

    something like
    Code:
    SELECT * FROM users WHERE username = (validated posted username)
    if you enforce unique usernames - then compare passwords etc. If you permit the same username then something like

    Code:
    SELECT * FROM users WHERE username = (validated posted uname) AND password = md5(validated posted password)
    my 2c


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •