login.php without errors
QUOTE
<?php
session_start(); //allows session
include "config.php";
echo "<left>";
if($logged[id]) {
//welcomes the member
echo "Welcome $logged[username]<br><br>";
//shows the user menu
echo "
- <a href='editprofile.php'>Edit Profile</a><br>
- <a href='changepassword.php'>Change Password</a><br>
- <a href='members.php'>Members</a><br>
- <a href='logout.php?logout'>Logout</a>";
}else
//if there trying to login
if(isset($_GET['login'])) {
//removes sql injections from the data
$username= htmlspecialchars(addslashes($_POST[username]));
//encrypts the password
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
//gets the username data from the members database
$uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//see if the user exists
$checkuser = mysql_num_rows($uinfo);
//if user name not found in database error
if($checkuser == '0')
{
echo "Username not found";
}else{
//fetch the sql
$udata = mysql_fetch_array($uinfo);
//checks see if the account is verified
if($udata[userlevel] == 1) {
echo "This account had not been verified.";
}
//if it is continue
else
//if the db password and the logged in password are the same login
if($udata[password] == $password) {
$query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//fetchs the sql
$user = mysql_fetch_array($query);
//sets the logged session
$_SESSION['id'] = "$user[id]";
$_SESSION['password'] = "$user[password]";
echo "You are now logged in, Please wait. . .";
//redirects them
echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
}
//wrong password
else{
echo "Incorrect username or password!";
}
}
}else{
//If not the above show the login form
echo "<form action='login.php?login' method='post'>
<head>
<body>
<title>newt</title>
</head>
Username:<input type='text' name='username' size='30' maxlength='25'>
Password:<input type='password' name='password' size='30' maxlength='25'>
<input type='submit' value='Login'>
</html>
</form>";
}
echo "<left>";
?>
session_start(); //allows session
include "config.php";
echo "<left>";
if($logged[id]) {
//welcomes the member
echo "Welcome $logged[username]<br><br>";
//shows the user menu
echo "
- <a href='editprofile.php'>Edit Profile</a><br>
- <a href='changepassword.php'>Change Password</a><br>
- <a href='members.php'>Members</a><br>
- <a href='logout.php?logout'>Logout</a>";
}else
//if there trying to login
if(isset($_GET['login'])) {
//removes sql injections from the data
$username= htmlspecialchars(addslashes($_POST[username]));
//encrypts the password
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
//gets the username data from the members database
$uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//see if the user exists
$checkuser = mysql_num_rows($uinfo);
//if user name not found in database error
if($checkuser == '0')
{
echo "Username not found";
}else{
//fetch the sql
$udata = mysql_fetch_array($uinfo);
//checks see if the account is verified
if($udata[userlevel] == 1) {
echo "This account had not been verified.";
}
//if it is continue
else
//if the db password and the logged in password are the same login
if($udata[password] == $password) {
$query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//fetchs the sql
$user = mysql_fetch_array($query);
//sets the logged session
$_SESSION['id'] = "$user[id]";
$_SESSION['password'] = "$user[password]";
echo "You are now logged in, Please wait. . .";
//redirects them
echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
}
//wrong password
else{
echo "Incorrect username or password!";
}
}
}else{
//If not the above show the login form
echo "<form action='login.php?login' method='post'>
<head>
<body>
<title>newt</title>
</head>
Username:<input type='text' name='username' size='30' maxlength='25'>
Password:<input type='password' name='password' size='30' maxlength='25'>
<input type='submit' value='Login'>
</html>
</form>";
}
echo "<left>";
?>
login.php page with errors
error message i recieve - Parse error: syntax error, unexpected '>' in /home/sites/sthelensclubberz.co.uk/public_html/login.php on line 63
QUOTE
<?php
session_start(); //allows session
include "config.php";
echo "<left>";
if($logged[id]) {
//welcomes the member
echo "Welcome $logged[username]<br><br>";
//shows the user menu
echo "
- <a href='editprofile.php'>Edit Profile</a><br>
- <a href='changepassword.php'>Change Password</a><br>
- <a href='members.php'>Members</a><br>
- <a href='logout.php?logout'>Logout</a>";
}else
//if there trying to login
if(isset($_GET['login'])) {
//removes sql injections from the data
$username= htmlspecialchars(addslashes($_POST[username]));
//encrypts the password
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
//gets the username data from the members database
$uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//see if the user exists
$checkuser = mysql_num_rows($uinfo);
//if user name not found in database error
if($checkuser == '0')
{
echo "Username not found";
}else{
//fetch the sql
$udata = mysql_fetch_array($uinfo);
//checks see if the account is verified
if($udata[userlevel] == 1) {
echo "This account had not been verified.";
}
//if it is continue
else
//if the db password and the logged in password are the same login
if($udata[password] == $password) {
$query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//fetchs the sql
$user = mysql_fetch_array($query);
//sets the logged session
$_SESSION['id'] = "$user[id]";
$_SESSION['password'] = "$user[password]";
echo "You are now logged in, Please wait. . .";
//redirects them
echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
}
//wrong password
else{
echo "Incorrect username or password!";
}
}
}else{
//If not the above show the login form
echo "<form action='login.php?login' method='post'>
<head>
<body>
<body bgcolor="#000000" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<title>newt</title>
</head>
<img src="images/logo.png" />
Username:<input type='text' name='username' size='30' maxlength='25'>
Password:<input type='password' name='password' size='30' maxlength='25'>
<input type='submit' value='Login'>
</html>
</form>";
}
echo "<left>";
?>
session_start(); //allows session
include "config.php";
echo "<left>";
if($logged[id]) {
//welcomes the member
echo "Welcome $logged[username]<br><br>";
//shows the user menu
echo "
- <a href='editprofile.php'>Edit Profile</a><br>
- <a href='changepassword.php'>Change Password</a><br>
- <a href='members.php'>Members</a><br>
- <a href='logout.php?logout'>Logout</a>";
}else
//if there trying to login
if(isset($_GET['login'])) {
//removes sql injections from the data
$username= htmlspecialchars(addslashes($_POST[username]));
//encrypts the password
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
//gets the username data from the members database
$uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//see if the user exists
$checkuser = mysql_num_rows($uinfo);
//if user name not found in database error
if($checkuser == '0')
{
echo "Username not found";
}else{
//fetch the sql
$udata = mysql_fetch_array($uinfo);
//checks see if the account is verified
if($udata[userlevel] == 1) {
echo "This account had not been verified.";
}
//if it is continue
else
//if the db password and the logged in password are the same login
if($udata[password] == $password) {
$query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
//fetchs the sql
$user = mysql_fetch_array($query);
//sets the logged session
$_SESSION['id'] = "$user[id]";
$_SESSION['password'] = "$user[password]";
echo "You are now logged in, Please wait. . .";
//redirects them
echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
}
//wrong password
else{
echo "Incorrect username or password!";
}
}
}else{
//If not the above show the login form
echo "<form action='login.php?login' method='post'>
<head>
<body>
<body bgcolor="#000000" text="#000000" link="#000000" vlink="#000000" alink="#000000">
<title>newt</title>
</head>
<img src="images/logo.png" />
Username:<input type='text' name='username' size='30' maxlength='25'>
Password:<input type='password' name='password' size='30' maxlength='25'>
<input type='submit' value='Login'>
</html>
</form>";
}
echo "<left>";
?>
would apreciate any help on this
