Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    Feb 2010
    Posts
    43
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Getting error, dunno the problem.

    I have recently gotten this in a couple of my files.. Can someone spot the error for me? I can't for the love of got figure it out.

    PHP Code:
    <?
    ob_start
    ();
    include(
    "config.php");
    if(
    $logged[username] && $logged[level] == Admin)
    {
    $user mysql_query("SELECT * from users where username = '$_GET[user]'");
    $user mysql_fetch_array($user);
    //these lines get the user's information and put it in an array.
    //we will display the information in the html form
    echo("<div align='center'><form method='POST'>
    <table width='100%'>

    <tr>
    <td align='right' width='25%'>
    <font type='verdana' size='2'>Add New Limit
    </td>
    <td align='left'>
    <input type='text' size='25' maxlength='25' name='stake'
    value='$user[level]'></td>
    </tr>
    <tr>
    <td align='center'>
    </td>

    <td align='left'>
    <input type='submit' name='update' value='Submit'></td>
    </tr>
    </table>
    </form>
    </div>"
    );
    //displays the html form
    }
    else
    {
    $stake htmlspecialchars($_POST[stake]);
    // the above lines get rid of all html.
    echo ("<meta http-equiv='REFRESH' content='1;url=http://gator44.hostgator.com/~sbdthru/admincp.php'>$_GET[user]'s profile has been updated.");
    $update mysql_query("location = 'stake = '$stake' where username = '$_GET[user]'");
    // updates the information in the database.
    }
    else
    {
    echo(
    "Sorry, but you are not allowed to view this page!");
    }
    ?>

    EDIT: Forgot the error. :P I checked all the } & { and couldn't find the problem

    PHP Code:
    Parse errorsyntax errorunexpected T_ELSE in /home/sbdthru/public_html/addgroup.php on line 32 
    Last edited by SBDTHRU; 03-03-2010 at 02:58 AM.

  • #2
    Senior Coder
    Join Date
    Apr 2007
    Location
    Quakertown PA USA
    Posts
    1,028
    Thanks
    1
    Thanked 125 Times in 123 Posts
    There are 2 'else' clauses in your if-else statement block.
    John

  • #3
    New Coder
    Join Date
    Feb 2010
    Posts
    43
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by PappaJohn View Post
    There are 2 'else' clauses in your if-else statement block.
    :T Removed one and still getting the same problem.

    PHP Code:
    <?
    ob_start
    ();
    include(
    "config.php");
    if(
    $logged[username] && $logged[level] == Admin)
    {
    $user mysql_query("SELECT * from users where username = '$_GET[user]'");
    $user mysql_fetch_array($user);
    //these lines get the user's information and put it in an array.
    //we will display the information in the html form
    echo("
    <div align='center'><form method='POST'>
    <table width='100%'>

    <tr>
    <td align='right' width='25%'>
    <font type='verdana' size='2'>Add New Limit
    </td>
    <td align='left'>
    <input type='text' size='25' maxlength='25' name='stake'
    value='$user[level]'></td>
    </tr>
    <tr>
    <td align='center'>
    </td>

    <td align='left'>
    <input type='submit' name='update' value='Submit'></td>
    </tr>
    </table>
    </form>
    </div>"
    );
    //displays the html form
    else
    {
    $stake htmlspecialchars($_POST[stake]);
    // the above lines get rid of all html.
    echo ("<meta http-equiv='REFRESH' content='1;url=http://gator44.hostgator.com/~sbdthru/admincp.php'>$_GET[user]'s profile has been updated.");
    $update mysql_query("location = 'stake = '$stake' where username = '$_GET[user]'");
    // updates the information in the database.
    }
    }
    ?>
    Please excuse my total n00bishness

  • #4
    Regular Coder bacterozoid's Avatar
    Join Date
    Jun 2002
    Location
    USA
    Posts
    490
    Thanks
    24
    Thanked 35 Times in 35 Posts
    You're missing the closing bracket.

    Edit: And you have an extra one at the end of your file.

  • #5
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Here you go, use this.

    PHP Code:
    <?
    ob_start
    ();
    include(
    "config.php");
    if(
    $logged[username] && $logged[level] == Admin)
    {
    $user mysql_query("SELECT * from users where username = '$_GET[user]'");
    $user mysql_fetch_array($user);
    //these lines get the user's information and put it in an array.
    //we will display the information in the html form
    echo "
    <div align='center'><form method='POST'>
    <table width='100%'>

    <tr>
    <td align='right' width='25%'>
    <font type='verdana' size='2'>Add New Limit
    </td>
    <td align='left'>
    <input type='text' size='25' maxlength='25' name='stake'
    value='$user[level]'></td>
    </tr>
    <tr>
    <td align='center'>
    </td>

    <td align='left'>
    <input type='submit' name='update' value='Submit'></td>
    </tr>
    </table>
    </form>
    </div>"
    ;
    //displays the html form
    }
    else
    {
    $stake htmlspecialchars($_POST[stake]);
    // the above lines get rid of all html.
    echo "<meta http-equiv='REFRESH' content='1;url=http://gator44.hostgator.com/~sbdthru/admincp.php'>$_GET[user]'s profile has been updated.";
    $update mysql_query("location = 'stake = '$stake' where username = '$_GET[user]'");
    // updates the information in the database.

    }
    ?>
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #6
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    You should read up on mysql injection as your code is susceptible to it.

    http://www.tizag.com/mysqlTutorial/m...-injection.php
    ||||If you are getting paid to do a job, don't ask for help on it!||||


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •