Please webmasters! am getting this error message in a code i was working on

Parse error: syntax error, unexpected T_STRING in /home/arstech/public_html/process.php on line 7

and here is the code

<?php

include"dbconn.php";
$username =$_POST['username'];
$password =$_POST['password'];

$check = mysql_query(SELECT *FROM users WHERE username ='$username' AND password = '$password'";
if($submit){
header("location: member.html";
}
else
{
echo "Sorry username and password is wrong";
?>



i dont seem to know were the error is?

Possible issues:

1)

if($submit){
header("location: member.html";
}
else
{
echo "Sorry username and password is wrong";

You seem to be missing the "}", after teh echo statement

2)

header("location: member.html";

Where do you have the header() function call. Remember, it has to be outside of any html, including white space.

3)

include"dbconn.php";

Perhaps you need a space between "include" and the name of the included file?

fixing one of those should hopefully take care of the problem. Let us know what's up.

Thank you my broder, but the error is reading at line 8, that should be within here

$check = mysql_query(SELECT * FROM users WHERE username

='$username' AND password = '$password'";



I have tried wat u suggest.

In that case, I think the issue is that you have dbl quotes at the end of the query but not at the beginning. I believe the entire query string should be within dbl quotes.

Try that and let us know what's up.

In that case, I think the issue is that you have dbl quotes at the end of the query but not at the beginning.  I believe the entire query string should be within dbl quotes.

Try that and let us know what's up.

Precisley - I agree with Yawa. You need to match the dbl quotes you have at the end of statement, like this:

$check = mysql_query("[/b]SELECT * FROM users WHERE username ='$username' AND password = '$password'[b]");

Notice the quotes in bold.

I'm happy the programming thing is coming on live now. Keep it up. Check my section for the PHP and other programming languages sample codes.

hi web pro, i didnt know it was u who pm'd me on yim lastnight.
try the methods in these links

http://www.evolt.org/article/Creating_a_Login_Script_with_PHP_4/17/19661/index.html
http://php.about.com/od/finishedphp1/ss/php_login_code.htm

waz kind of busy last night, sorry i couldnt really help.
hope this helps

Thanx broders, let me cross check again, still needs more advice and suggestions. I will let u know if it works out

<?php

include_once "dbconn.php";


if(isset($_POST['submit'])){
$username =mysql_real_escape_string($_POST['username']);
$password =mysql_real_escape_string($_POST['password']);

$check = mysql_query("SELECT * FROM users WHERE username ='$username' AND password = '$password' ";
if(mysql_num_rows($check)==1){

header("location: member.html";
}
else
{
echo "Sorry username and password is wrong";
}
}


/*That should work. And please be more secure with your codes, always escape user input.

I could have very easily by-passed the login system you posted earlier.

ciao*/

?>

one more thing that puzzles me:

header("location: member.html";

why is the redirection set to a html document?

if you need a user authentication system that works effectively,

I suggest you use a php file, for example, so that you can check first against a session or something else that becomes active when login is successful

otherwise users will bypass the login and go straight to member.html

Anyway u could also setup your .htaccess to process all your files as php, but I wont recommend that,

ciao

@castrolng, Just implemented ur step and it processed but stop without heading to the next location:

i guess this is were the problem is

if(mysql_num_rows($check)==1){

header("location: member.html";

This might help:

$query = "SELECT * FROM dot dot dot";

$result = mysql_query($query) or die ("Your Search didn't return any results.";

$num_results = mysql_num_rows($result);
if($num_results > 0) {
//do stuff
}

This is from code that I have that works perfectly. Make sure urs matches mine and try again. Then let us know.

@yawa-ti-de
I enjoy the way you did this last reply. Just as we discussed, it is not best to copy and paste the entire code for a poster that needs help. It is better to give the best clues then let him or her discover the problem and get it solved. Tomorrow, when he stumbles upon such, it will be easier to solve.

@poster
Keep on trying your codes and you'll reach at your designated target.

I agreed with OmniPotens refer not best way to post entire code for poster.

It will not help the poster understand how the coding work.

By the way there are HUNDRED FREE authentic login system scripts that comes with step by step tutorial break down on google everywhere. PHP, ASP, Flash, #C, Perl/CGI, etc.

On google, there has MD5-hash encrypted login script/tutorials (but left out some missing coding on MD5 secured login script for programmers to resolve themself make it work---won't display whole coding itself) there.

It is everywhere on the search results.

Good luck Poster!

uspry1:

By the way there are HUNDRED FREE authentic login system scripts that comes with step by step tutorial break down on google everywhere. PHP, ASP, Flash, #C, Perl/CGI, etc.

web pro, if u wonno opt for scripts, u can let me know. i use a couple of login scripts, but i'll give u a simple one and show u a site i'm developing so u can see how the login part works.

@Dual Core

I don't really buy the idea of giving them the entire script. You learnt right, so just give them clues so they can learn as well. It is going to help them both now and in future.

@webpro

Hope you've got your thing up and running?

Omni, warahell?! Wen did u make tht post? Na b4 or after i give u? Kai dude u don take me 4 a ride this time. Lol. Web pro, d decision is urz. We all have our ways of learning.

@Dual Core

Just let my people learn and become competent. I understand what you mean but it has nothing to deal with this issue here.

It is always advisable to sanitise user input so that your database will be safed.
$username = mysql_real_escape_string ($_POST ['username']; // this sanitise user input
$Password = Md5 ($_POST ['Password']); // the use of md5( ) makes it safe to run query
I think you find this helpful. Email:doubletechnology@gmail.com