Results 1 to 3 of 3

Thread: simple php error

  1. #1
    Join Date
    Jul 2011
    Location
    hyderabad,India
    Posts
    58
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Default simple php error

    hi all,
    i am getting error on the following php program.it is displaying the error as "Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\newlogin.php on line 12"
    not getting what is the problem with it..
    below is my login.php code...
    Code:
    <?php
    if(isset($_POST['sub']))
    {
    mysql_connect("localhost","root","");
    mysql_select_db("test");
    $uname=$_POST['txtuname'];
    $pwd=$_POST['txtpwd'];
    $sqlstt="select * from users where uid='$uname' and pwd='$pwd';
    $data=mysql_query($sqlstt);
    if(mysql_num_rows($data)==1)
    {
    header("Location:welcome.php?un=$uname");
    }
    else
    {
    echo "invalid";
    }
    }
    ?>
    <form method="post" action="">
    username:<input type='text' name='txtuser'>
    <br>
    password:<input type='text' name='txtpwd'>
    <br>
    <input type='submit' name='sub' value='login'>
    </form>
    also is the welcome.php
    Code:
    <?php
    $user=$_REQUEST['un'];
    echo "welcome to ".$user;
    ?>

  2. #2
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    You never end this string

    PHP Code:
    $sqlstt="select * from users where uid='$uname' and pwd='$pwd'; 
    should be
    PHP Code:
    $sqlstt="select * from users where uid='$uname' and pwd='$pwd'"
    Corrections to my coding/thoughts welcome.

  3. #3
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    You also should escape your strings because that code is open to a sql injection.

    http://php.net/manual/en/function.my...ape-string.php
    http://www.php.net/manual/en/securit...-injection.php
    Corrections to my coding/thoughts welcome.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •