-3

I have some PHP code that takes a post from the index and then allows you to log in. When i run it it say:

parse error: unexpected $end;

If anyone has any ideas please let me know ASAP because need it for a class in school. 

<?php

    $uname = $_POST["username"];

    $resultCount = 0;

    class MyDB extends SQLite3
   {
      function __construct()
      {
         $this->open('users.db');
      }
   }
   $db = new MyDB();
   if(!$db){
      echo $db->lastErrorMsg();
   }

    $sql =<<<EOF
    SELECT $uname from users;
    EOF;

    $ret = $db->exec($sql);

    foreach($ret as $uname){
            $resultCount++;
    }

    if($resultCount > 1){
        echo "failed to log in!";
        echo "please return <a href='index.php'>home</a>";
    }
    else{
        echo "logged in succesfully!";
        echo "welcome" . $_POST[username];
    }
?>
Improve this question
6
  • 2
    $_POST[username] (2nd to last line) should be $_POST["username"]. There might be more syntax errors. Commented Jun 5, 2015 at 12:33
  • @Halcyon that is not a syntax error... Commented Jun 5, 2015 at 12:35
  • halcyon i did this and i then said unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING Commented Jun 5, 2015 at 12:35
  • Use $sql = "SELECT $uname from users"; instead. ATTENTION! Smells like SQL injection issue... Commented Jun 5, 2015 at 12:36
  • 1
    SELECT $uname from users; this is going to bite you. You probably want to select a column for a specific user and not a specific column. And the heredoc EOF; cannot have any spaces before it, it has to be at the beginning of the line. Commented Jun 5, 2015 at 12:38

2 Answers 2

Reset to default
3

There might be a problem here:

   $sql =<<<EOF
   SELECT $uname from users;
   EOF;

EOF; should be at the start of the line, there can be no whitespace before it.

See: https://php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc

That means especially that the identifier may not be indented

$_POST[username] (2nd to last line) should be $_POST["username"]. This might just be a warning though.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

change the brackets the other way and plus u dont have to do that just add to the top of your page this code

<? session_start(); ?>

and when you echo there username put

<?=$_SESSION['sess_user'];?> or <? echo $_SESSION['sess_user'];?>

or you could go into detail and put <? $rot = $username ?> <? echo $rot ?>

Improve this answer

6 Comments

the $_POST method OFTEN carry's loads of errors. so i advise my advice! try it and let me know how it works.
And how and where would you assign a value to $_SESSION['sess_user'] if the $_POST method OFTEN carry's loads of errors?
that's a ridiculous question, here is the answer pal. $_POST method is automatic, $_SESSION is manual, therefor session works on its on as long as you have an actual SQL database, and as long as you have started the session, if using post then everything must be typed perfectly.. tens of pointless sentences of code.
and also at the same place as the $_POST would be. of course.
there isnt any value to an echo.. wtf r u talking about bro. do u even know how to code?
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.