Problems with member only database entries

Conorgallen · Feb 19, 2008

Hey very new to this forum hope it can help, The following coding is what I am using in order to allow users to become a registered member of my site:
<?php
/ Program: Login.php
Desc: Login program for the Members Only section of the
pet store. It provides two options: (1) login using an existing Login Name and (2) enter a new
login name. Login Names and passwords are stored
in a MySQL database.
*/
session_start();
include("ttpt.inc");
switch (@$GET['do'])
{
case "login":
$connection = mysql_connect($host, $user,$password)
or die ("Couldn't connect to server.");
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database.");
$sql = "SELECT loginName FROM members
WHERE loginName='$POST[fusername]'";
$result = mysql_query($sql)
or die("Couldn't execute query.");
$num = mysql_num_rows($result);
if ($num == 1) // login name was found
{
$sql = "SELECT loginName FROM members
WHERE loginName='$POST[fusername]'
AND password=password('$POST[fpassword]')";
$result2 = mysql_query($sql)
or die("Couldn't execute query 2.");
$num2 = mysql_num_rows($result2);
if ($num2 > 0) // password is correct
{
$SESSION['auth']="yes";
$logname=$POST['fusername'];
$SESSION['logname'] = $logname;
$today = date("Y-m-d hs");
$sql = "INSERT INTO Login (loginName,loginTime)
VALUES ('$logname','$today')";
mysql_query($sql) or die("Can't execute query.");
header("Location: Member_page.php");
}
else // password is not correct
{
unset($do);
$message="The Login Name, '$POST[fusername]'
exists, but you have not entered the
correct password! Please try
again.<br>";
include("login_form.inc");
}
}
elseif ($num == 0) // login name not found
{
unset($do);
$message = "The Login Name you entered does not
exist! Please try again.<br>";
include("login_form.inc");
}
break;
case "new":
foreach($_POST as $field => $value)
{

if ($value == "")
{
unset($GET['do']);
$message_new = "Required information is missing.
Please try again.";
include("login_form.inc");
exit();
}
}
if (ereg("(Name)",$field))
{
/if (!ereg("^[A-Za-z' -]{1,50}$",$value))
{
unset($GET['do']);
$message_new = "$field is not a valid name.
Please try again.";
include("login_form.inc");
exit();
}/
}
$$field = strip_tags(trim($value));
} // end foreach
if (!ereg("^{[0-9]{5,5}(-[0-9]{4,4})?$",$postcode))}
{
unset($GET['do']);
$message_new = "$postcodeis not a valid postcode.
Please try again.";
include("login_form.inc");
exit();
}
if (!ereg("^[0-9)(xX -]{7,20}$",$phone))
{
unset($GET['do']);
$message_new = "$phone is not a valid phone number.
Please try again.";
include("login_form.inc");
exit();
}
if (!ereg("^{.+@.+\..+$",$email))}
{
unset($GET['do']);
$message_new = "$email is not a valid email address.
Please try again.";
include("login_form.inc");
exit();
}
/ check to see if login name already exists /
$connection = mysql_connect($host,$user,$password)
or die ("Couldn't connect to server.");
$db = mysql_select_db($database, $connection)
or die ("Couldn't select database.");
$sql = "SELECT loginName FROM members
WHERE loginName='$newname'";
$result = mysql_query($sql)
or die("Couldn't execute query.");
$num = mysql_numrows($result);
if ($num > 0)
{
unset($GET['do']);
$message_new = "$newname already used. Select another
Member ID.";
include("login_form.inc");
exit();
}
else
{
$today=date("Y-m-d");
$sql="INSERT INTO members (loginName,createDate,
password,lastName,firstName,street,city,
county,postcode,email,phone) VALUES
('$newname','$today',password('$newpass'),
'$lastName','$firstName','$street','$city',
'$county','$postcode','$email','$phone')";
mysql_query($sql);
$SESSION['auth']="yes";
$SESSION['logname'] = $newname;
/ send email to new member /
$emess = "A new Member Account has been setup. ";
$emess.= "Your new Member ID and password are: ";
$emess.= "\n\n\t$newname\n\t$newpass\n\n";
$emess.= "We appreciate your interest in Themes To Party To";
$emess.= "at themestopartyto.com. \n\n";
$emess.= "If you have any questions or problems,";
$emess.= "email webmaster@themestopartyto.com";
$ehead="From: member-desk@themestopartyto.com\r\n";
$subj = "Your new Member Account from Themes To Party To";
$mailsend=mail("$email","$subj","$emess","$ehead");
header("Location: New_member.php");
}
break;

default:
	include("login_form.inc");
}

?>

I keep getting an: Parse error: parse error, unexpected T_DEFAULT in e:\domains\t\themestopartyto.com\user\htdocs\login.php on line 154

Hope someone can shed some light on this for me as I am getting extremely annoyed at this message - the coding has come from PHP&Mysql for dummies

ChrisAirey · Feb 20, 2008

Hi,

For future reference, you may want to set your code within the PHP brackets so it's easier to read. Your problem lies around line 70 where you have two closing braces. This essentially ends the foreach loop. Just remove one of the braces. See below where you have the double braces. The problem is the switch statement ends with the last closing curly brace, and the default is basically out of scope.

foreach($_POST as $field => $value)
{

if ($value == "")
{
unset($_GET['do']);
$message_new = "Required information is missing.
Please try again.";
include("login_form.inc");
exit();
}
}

Conorgallen · Feb 20, 2008

Hey thanks for your help it worked I have another problem which I have posted onto a separate topic!

Thanks again

Problems with member only database entries

CConorgallen

CChrisAirey

CConorgallen