easy when you know how...

zingbats

$query = "SELECT * FROM phpbb_users WHERE username = '$_SESSION[`username`]'";

Gives the error:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /usr/local/psa/home/vhosts/path/whatever.php on line 82

Please explain!

Alex.

wizkid

Hi,

I guess it's a problem with with the quotes at the end of the string. Following should work:

$query = "SELECT * FROM phpbb_users WHERE username = '".$_SESSION[`username`]."'";

wizkid

planetsim

Yes wizkid is correct.

The reason it wont work that way is..

When a Quote mark is started in your case ' it will do anything that is required inbetween the first one and the next one which is located in your $_SESSION

Now the reason it worked when he did this

'".$_SESSION[username]."'

Is because

' is seperated by double quotes.

zingbats

That works fine... except something else doesn't:

<?
if ($_SESSION['username'])
{
?>
<?php include ("memberbar.php");?>
<?
}
else
{
?>
<?php include ("login.php");?>
<?
}
?>

It doesn't have session_start(); because if I put tht in the code it says:

Warning: Cannot send session cookie - headers already sent by (output started at /path/whatever.php) in /path/whatever.php on line 81

The login.php code is as follows:

        <tr>
          <td width="100%" bgcolor="#C0C0C0">
         <form method="POST" action="index.php">
<div align="left">
             <table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="53%" id="AutoNumber5">
               <tr>
                 <td width="17%"><b><i><font size="4" color="#333333">Login:</font></i></b><font color="#333333"><b> </b></font>
<font size="4" color="#333333">&nbsp;</font></td>
                 <td width="15%"><font color="#333333"><b> User:</b></font></td>
                 <td width="19%"><input type="text" name="username" size="20"></td>
                 <td width="17%"><font size="4" color="#333333"> Password:</font></td>
                 <td width="16%"><input type="password" name="password" size="20"></td>
                 <td width="16%"><input type="submit" value="Login" name="B1"></td>
               </tr>
               </form>
             </table>
           </div>

      </td>
    </tr>
  </table>
  </center>
</div>

And the memberbar.php code is:

<?php
    $link = mysql_connect("localhost", "zingbats", "my pwl")
        or die("Could not connect");
    mysql_select_db("tycooneden_com") or die("Could not select database");

$query = "SELECT * FROM phpbb_users WHERE username = '$_SESSION[username]' AND WHERE user_password = md5('$_SESSION[password]')";
$result = mysql_query($query) or die("Query failed");
$foo=mysql_fetch_array($result);

/* Start the clan defining */

$user_points=$foo['user_points'];

mysql_close($link);
?>
        <tr>
          <td width="100%" bgcolor="#C0C0C0">
         Welcome <? echo "$_SESSION['username']";?>, you have £<? echo "$user_points";?>, get spending and earning!</td>
        </tr>

laserlight

Well, then you probably attempted to write something to the html page on line 81.

You should then either call session_start() before that or use output buffering if you must.

zingbats

well, index.php has this on the top that creates sessions. The idea being that if you aren't logged in, it shows the login form (which uses the create session script shown below) and
if you ARE logged in, it shows the member bar.

<?php
session_start(); 
header("Cache-control: private"); 
   $username = $_POST['username']; 
   session_register('username');  

   $_SESSION['username'] = $username;
?>
<?php
session_start(); 
header("Cache-control: private"); 
   $password = $_POST['password'];  

   session_register('password'); 
   $_SESSION['password'] = $password;
?>

That is why the login form posts to index.php 😃