Hello everyone!
I am new to PHP and I am trying to build a login for a club website at our school. This is the error I am getting:
Parse error: syntax error, unexpected ';', expecting ':' or '{' in /data/5/0/74/84/237410/user/241169/htdocs/nhs/nhs/login.php on line 11
I know its probably a simple fix around line 11 but I cannot seem to identify it. Any help would be greatly appreciated!
Note* my line numbers include comments so my line 11 is not the real line 11
Thanks in advance,
Chris
<?php
/* Program: Login.php
* Desc: Login program for the Members Only section of
* the NHS. It provides two options
* (1) login using an existing Login Name and
* (2) enter a new login name. Login Names and
* passwords are stored in a MySQL database.
*/
session_start(); # 9
# 10
switch (@$_POST['do']); #11
{
case "login": #13
$cxn = mysqli_connect("???????","????????","???????????","??????????")
or die ("Couldn't connect to server."); #15
$sql = "SELECT loginName FROM Member
WHERE loginName='$_POST[fusername]'"; #18
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute query."); #20
$num = mysqli_num_rows($result); #21
if ($num > 0) // login name was found #22
{
$sql = "SELECT loginName FROM Member
WHERE loginName='$_POST[fusername]'
AND password=md5('$_POST[fpassword]')";
$result2 = mysqli_query($cxn,$sql)
or die("Couldn't execute query 2.");
$num2 = mysqli_num_rows($result2);
if ($num2 > 0) // password is correct #30
{
$_SESSION['auth']="yes"; #32
$logname=$_POST['fusername'];
$_SESSION['logname'] = $logname; #34
$today = date("Y-m-d h:i:s"); #35
$sql = "INSERT INTO Login (loginName,loginTime)
VALUES ('$logname','$today')";
$result = mysqli_query($cxn,$sql)
or die("Can't execute insert query.");
header("Location: Member_page.php"); #40
}
else // password is not correct #42
{
$message="The Login Name, '$_POST[fusername]'
exists, but you have not entered the
correct password! Please try again.<br>";
include("login_form.inc"); #47
}
} #49
elseif ($num == 0) // login name not found #50
{
$message = "The Login Name you entered does not
exist! Please try again.<br>";
include("login_form.inc");
}
break; #56
case "new":
/* Check for blanks */ #59
foreach($_POST as $field => $value) #60
{
if ($field != "fax") #62
{
if ($value == "") #64
{
$blanks[] = $field;
}
}
}
if(isset($blanks)) #70
{
$message_new = "The following fields are blank.
Please enter the required information: ";
foreach($blanks as $value)
{
$message_new .= "$value, ";
}
extract($_POST);
include("login_form.inc");
exit();
}
/* Validate data */
foreach($_POST as $field => $value) #84
{
if(!empty($value)) #86
{
if(eregi("name",$field) and
!eregi("login",$field))
{
if (!ereg("^[A-Za-z' -]{1,50}$",$value))
{
$errors[]="$value is not a valid name.";
}
}
/* if(eregi("street",$field) or
* eregi("addr",$field) or eregi("city",$field))
* {
* if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value))
* {
* $errors[] = "$value is not a valid
* address or city.";
** }
** }
** if(eregi("state",$field))
** {
** if(!ereg("[A-Za-z]{2}",$value))
** {
** $errors[]="$value is not a valid state.";
** }
** }
*/
if(eregi("email",$field))
{
if(!ereg("^.+@.+\\..+$",$value))
{
$errors[] = "$value is not a valid
email address.";
}
}
/* if(eregi("zip",$field))
{
if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",
$value))
{
$errors[]="$value is not a valid
zipcode.";
}
}
*/
if(eregi("phone",$field)
or eregi("fax",$field))
{
if(!ereg("^[0-9)(xX -]{7,20}$",$value))
{
$errors[] = "$value is not a valid
phone number. ";
}
}
} // end if empty #138
} // end foreach
if(@is_array($errors)) #140
{
$message_new = "";
foreach($errors as $value)
{
$message_new .= $value." Please try
again<br />";
}
extract($_POST);
include("login_form.inc");
exit();
}
/* clean data */
$cxn = mysqli_connect($host,$user,$passwd,$dbname);
foreach($_POST as $field => $value) #156
{
if($field != "Button" and $field != "do")
{
if($field == "password")
{
$password = strip_tags(trim($value));
}
else
{
$fields[]=$field;
$value = strip_tags(trim($value));
$values[] =
mysqli_real_escape_string($cxn,$value);
$$field = $value;
}
}
}
/* check whether user name already exists */
$sql = "SELECT loginName FROM Member
WHERE loginName = '$loginName'"; #177
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute select query.");
$num = mysqli_num_rows($result); #180
if ($num > 0) #181
{
$message_new = "$loginName already used.
Select another User Name.";
include("login_form.inc");
exit();
}
/* Add new member to database */
else #190
{
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",createDate";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO Member ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
$result = mysqli_query($cxn,$sql)
or die("Couldn't execute insert query.");
$_SESSION['auth']="yes"; #205
$_SESSION['logname'] = $loginName; #206
/* send email to new member */ #208
$emess = "A new Member Account has been setup for the Deep Run NHS Website. ";
$emess.= "Your new Member ID and password are: ";
$emess.= "\n\n\t$loginName\n\t$password\n\n";
$emess.="You will need to login in order to sign up for service opportunities";
$emess.= " and view your service points \n\n";
$emess.= "If you have any questions or problems,";
$emess.= " email example@example.com";
$ehead="From: example@example.com\r\n"; #216
$subj = "Your new Member Account for National Honors Society";
$mailsnd=mail("$email","$subj","$emess","$ehead");
header("Location: New_member.php"); #219
}
break; #221
default: #223
include("login_form.inc");
}
?>