Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 30
  1. #1
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts

    unexpected T_CONSTANT_ENCAPSED_STRING

    Hey
    I'm starting to think that I must be a total pathetic loonie - I've asked several people if they think that anything is wrong with the following code, and they have all said no.
    The error I'm getting is "
    Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/httpd/vhosts/students-voice.co.uk/httpdocs/students/reg.php on line 12"

    The code is:
    PHP Code:
    <?php

    include("dbconnect.php");

    $username trim($_POST['username']);
    $pass trim($_POST['password']);
    $emailaddress trim($_POST['email']);

    if (empty(
    $username) || empty($pass) || empty($emailaddress))

    {
    echo 
    'Please go back and fill in all the required fields';
    }

    else

    {
    $sql_update "INSERT INTO $table_name (username, password, email) VALUES ($username, $pass, $emailaddress)";
    $result_update = @mysql_query($connection$sql_update) or die(mysql_error());
    echo 
    "Thankyou $username, your account has been created. You may now log in.";
    }

    /*Next Steps:
    1) Check to see whether DB already has username which has been inputted by $_POST['username'];
    2) Work out parse error
    3) Hash inputted password into DB
    */


    ?>
    Line 12 is
    PHP Code:
    echo 'Please go back and fill in all the required fields'
    I know that it's usually the lines either side of the mentioned line that actually has the buggy code but this one's bugging me...I can't see any error there, not around line 12 anyway. I tried (empty($username) || empty($pass) || empty($emailaddress)); and (empty($username) || empty($pass) || empty($emailaddress)) without the semi colon at the end and that made no difference.

    BTW, How would I go 'bout so that when the inputted username is queried in the database, it checks to see whether it exists, if it does it inserts it but if it doesn't, it echos out an error? I've got a basic idea but would like someone to show me the correct way

    Danke/Cheers/ta/thanks,

    Jamie.

  • #2
    Regular Coder
    Join Date
    Aug 2004
    Location
    The US of A
    Posts
    767
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I can't see what's issusing the error, but there are problems with the code. You forgot to protect against SQL injections. =)

    Also, check for existence before inserting the user data.

  • #3
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Quote Originally Posted by Kurashu
    . You forgot to protect against SQL injections. =)
    Yeah I know, I haven't got that far enough yet to put to insert measures so that my form can't be compromised.

    In terms of checking to see whether the user exists, how would I go about doing that?

  • #4
    teh Moderatorinator
    Join Date
    Sep 2004
    Location
    USA
    Posts
    2,472
    Thanks
    4
    Thanked 40 Times in 40 Posts
    I see two things, 1 - You have the parameters of mysql_query() backwards, should have the query string first, then the connection link. 2 - You need to quote your values that you are inserting if they are strings.
    PHP Code:
    $sql_update "INSERT INTO $table_name (username, password, email) VALUES ('$username', '$pass', '$emailaddress')";
    $result_update = @mysql_query($sql_update$connection) or die(mysql_error()); 
    If you're going to encrypt the password, you can just run it though md5() or whichever encryption you're going to use when you insert your values.
    To determine if the username already exists, something like this, psuedo code:
    PHP Code:
    select username from table where username $username
    // now do a mysql_num_rows() and if it returns a row, the username already exists, else it doesn't 

  • #5
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Ah yeah cheers, I learnt something

    I still have a parse error on line 12 though.

  • #6
    Regular Coder
    Join Date
    Aug 2004
    Posts
    280
    Thanks
    0
    Thanked 0 Times in 0 Posts
    maybee because of newline behind that if condition insread '{' ?

  • #7
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Well it shouldn't make any difference really, however I'll give it a go.

    Also, I've got mysql_num_rows($check, $connection), now what? :
    PHP Code:
    $check "SELECT username FROM $table_name where USERNAME = $username"
    mysql_num_rows($check$connection); 
    - now I want it to echo out "Username already taken" when an inputted entry already exists in the DB and it to add it when it's not..

    Sorry for all the questions, I'm still learning

  • #8
    Regular Coder
    Join Date
    Dec 2002
    Location
    UK
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hey weazel.. I use this code so should work fine for you.

    PHP Code:
             $query "SELECT user_name FROM users WHERE user_name='$user_name'";
             
    $result mysql_query($query);
             
    $numrows mysql_num_rows($result);
             if (
    $numrows == "0") { // if username is unique
                  // do insert query here
             
    } else {
                      echo 
    "username is already in use. choose another.";
                      exit(); } 

  • #9
    Regular Coder
    Join Date
    Dec 2002
    Location
    UK
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Also,

    PHP Code:
    <?php

    $username 
    "jimmy";
    $pass "pwd";
    $email "user@domain.com";

    if (empty(
    $username) || empty($pass) || empty($email)) {
        echo 
    "one or more is empty";
        } else {
        echo 
    "none are empty.";
        }

    ?>
    works for me so maybe its one your form element names, like POST['emailaddress'] is actually POST['email'] as this would return empty.

  • #10
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    What is in dbconnect.php?
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #11
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Quote Originally Posted by bfsog
    Hey weazel.. I use this code so should work fine for you.

    PHP Code:
             $query "SELECT user_name FROM users WHERE user_name='$user_name'";
             
    $result mysql_query($query);
             
    $numrows mysql_num_rows($result);
             if (
    $numrows == "0") { // if username is unique
                  // do insert query here
             
    } else {
                      echo 
    "username is already in use. choose another.";
                      exit(); } 
    Ah right...that's what I thought, just couldn't visualise it Cheers.

    In terms of dbconnect.php:

    PHP Code:
    <?php 

    session_start
    (); 

    $db_name "db_name"
    $table_name "table_name"
    $bad_auth "Invalid Username and password";

    //db connection.
    $connection = @mysql_pconnect("localhost""username""password") or die("cannot make connection"); 
    $db = @mysql_select_db($db_name$connection) or die(mysql_error()); 

    //query db.
    $sql "SELECT username, password FROM $table_name WHERE username = '$_POST[username]' AND password = '$_POST[password]'"
    $result = @mysql_query($sql$connection) or die(mysql_error()); 
    $row mysql_fetch_array ($resultMYSQL_NUM); 

    if(
    $row)  

        
    $_SESSION['username'] = $_POST['username']; 
        
    header ("location: members.php"); 
        exit(); 

    else  

        
    header ("location: index.php"); 
        exit(); 


    ?>

  • #12
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    PHP Code:
    if($row)   
    {  
        
    $_SESSION['username'] = $_POST['username'];  
        
    header ("location: members.php");  
        exit();  
    }  
    else   
    {  
        
    header ("location: index.php");  
        exit();  

    This means that none of the code after the include is executed...
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #13
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Ah right. I forgot about the session side of things - I'll change the DB connection properties in the registration form.

  • #14
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Okay I've got the script working now, well almost.
    When I load it (http://www.students-voice.co.uk/students/reg2.php), I get:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/httpd/vhosts/students-voice.co.uk/httpdocs/students/reg2.php on line 43
    The username you specified is already in use, please choose another.

    The username error is echoed out before anything's been checked.

    Code:

    PHP Code:
    <?php

    $connection 
    = @mysql_pconnect("localhost""username""pass") or die("cannot make connection"); 
    $table_name 'phpbb';
    $user_name trim($_POST['username']);
    $pass trim($_POST['password']);
    $emailaddress trim($_POST['email']);

    if (empty(
    $username) || empty($pass) || empty($email)) { 


    echo 
    "Please go back and fill in all the fields";


    else
    {
    $query "SELECT user_name FROM $table_name WHERE username='$user_name'";
    $result mysql_query($query$connection);
    $numrows mysql_num_rows($result);
    }

    if (
    $numrows == "0") {
    "INSERT INTO $table_name (username) VALUES ('$username')";
    "INSERT INTO $table_name (password) VALUES ('$pass')";
    "INSERT INTO $table_name (email) VALUES ('$emailaddress')";
    }
    else
    {
    echo 
    "The username you specified is already in use, please choose another.";
    exit(); 
    }

    ?>

  • #15
    Regular Coder
    Join Date
    Dec 2002
    Location
    UK
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hey.. I dont know if this is it, but you need to assign your INSERT to a variable and then run it through mysql so change..

    PHP Code:
    if ($numrows == "0") {
    "INSERT INTO $table_name (username) VALUES ('$username')";
    "INSERT INTO $table_name (password) VALUES ('$pass')";
    "INSERT INTO $table_name (email) VALUES ('$emailaddress')";
    }
    else
    {
    echo 
    "The username you specified is already in use, please choose another.";
    exit(); 
    to
    PHP Code:
    if ($numrows == "0") {
    $insert "INSERT INTO $table_name (username,password,email) VALUES ('$username','$pass','$emailaddress')";
    mysql_query($insert) or die ("Could not add data to the table");
    if(
    mysql_affected_row==1) {
    echo 
    "Row Inserted OK"; }
    }
    else
    {
    echo 
    "The username you specified is already in use, please choose another.";
    exit(); 



  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •