problem with login script

Forum Moderators: coopster

Message Too Old, No Replies

problem with login script

supermanjnk

4:27 am on Jul 9, 2004 (gmt 0)

Alright i've keep getting this error when i try to use information based off of a form, the error I get is:

Parse error: parse error, unexpected '\"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/youth22/public_html/testing/authtest.php on line 14

that line is
$sql = "SELECT * FROM $utable WHERE username='$_POST["Username"]' and user_password='" . md5 ($_POST["Password"]) . "'";

any help would be great. I was under the impression (from what i've read, that $_POST["input name"] would supply the information from that input (on a form) but sql or something doesn't seem to like that.

rlkanter

4:42 am on Jul 9, 2004 (gmt 0)

If you're going to use a " to begin/end string you have to use a \ before the " inside the quotes. For example:

$sql = "SELECT * FROM $utable WHERE username='$_POST[\"Username\"]' and user_password='" . md5 ($_POST["Password"]) . "'";

To be honest even though this might fix the error you probably want it be:

$sql = "SELECT * FROM $utable WHERE username='" .$_POST["Username"]. "' and user_password='" . md5 ($_POST["Password"]) . "'";

This will make sure the variables are correctly inserted into the string.

[edit: re-phrased to clarify]

supermanjnk

8:53 pm on Jul 9, 2004 (gmt 0)

I still get errors (same ones)

coopster

9:11 pm on Jul 9, 2004 (gmt 0)

Either of those should work for you...are you sure you have the single and double quotes in correctly. Here it is again, preformatted:

$sql = "SELECT * FROM $utable WHERE username='" . $_POST['Username'] . "' AND user_password = '" . md5($_POST['Password']) . "'";

[edited by: coopster at 9:27 pm (utc) on July 9, 2004]

supermanjnk

9:27 pm on Jul 9, 2004 (gmt 0)

That works to an extent, except now it pops up a login box, which i don't want it to do, I want it to take the information strictly from the form, i don't want to have to type it into an ugly box. Basically i'm trying to modifiy a session script, and make it so it pulls the login information from an sql directory instead of a text file.

coopster

9:30 pm on Jul 9, 2004 (gmt 0)

You lost me there...are you saying a Basic Authentication system is in place already, as in

.htaccess

? If so, and you are going to a full-blown user-defined authentication system by means of a database, you won't need the

.htaccess

file (once your login code is working effectively). I don't follow what you mean by the "ugly box"...?

supermanjnk

10:36 pm on Jul 9, 2004 (gmt 0)

NEVERMIND I FIXED IT
*Smacks self in head multiple times*

all i had to do was make <?php to <?

ARGH!

supermanjnk

11:39 pm on Jul 9, 2004 (gmt 0)

sorry about the double post but I can't edit mine anymore ran out of time. anyway

Codes working fine now, one more question (for now anyway):

$num = mysql_num_rows($result);
if ($num!= "0") {
header("Location: /gallery");
exit; } else { header("Location: /testing");
}
?>

is it possible to make these links open in a frame?

edit is my friend: if thats possible, is it possible to open two links in two seperate frames (I know it can be done with javascript, but javascript doesn't like being in my php)

coopster

1:46 pm on Jul 10, 2004 (gmt 0)

You can write javascript out with php, same way you write html out with php. Just make sure your code is escaped correctly and you are good to go.