Parse Error?

+4 Brandon Bennett · November 5, 2014
I'm having some trouble and i'm not sure what a parse error is. 

I keep getting this error: 

"Parse error: syntax error, unexpected 'return' (T_RETURN) in /functions/users.php on line 14" and I'm not sure what i'm missing.

Here is the code i'm using:

<?php
function user_data($user_id){ 
$data = array();

}

function logged_in() {
return (isset($_SESSION['user_id'])) ? true : false;
}

function user_exists() {
$username = sanitize($username);
$query = mysql_query("SELECT COUNT ('user_id') FROM `users` WHERE `username` = '$username'")
return (mysql_result($query, 0) ==1) ? true : false;
}

function user_active() {
$username = sanitize($username);
$query = mysql_query("SELECT COUNT ('user_id') FROM `users` WHERE `username` = '$username' AND `active` = 1")
return (mysql_result($query, 0) ===1) ? true : false;
}

function user_id_from_username($username) {
$username = sanitize($username);
return mysql_result(mysql_query("SELECT `user_id` FROM `users` WHERE `username` = '$username'"), 0 'user_id');
}

function login($username, $password) {
$user_id = user_id_from_username($username);

$username = sanitize($username);
$password = md5($password);

return (mysql_result(mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `username` = '$username' AND `password` = '$password'"), 0) ==1) ? $user_id : false;
}
?>

Please let me know if there is anything that i can do to fix this. 

Thank you!

Post a Reply

Replies

- page 2
Oldest  Newest  Rating
0 Ron Butcher · November 16, 2014
I ran the code on my end and it did work.  Lets throw some echo statements into the mix to troubleshoot where it is failing.  Try this:


echo 'works to here-1';
if (empty($_POST) === false) {
echo 'works to here-2';
$username = $_POST['username'];
$password = $_POST['password'];

if (empty($username) === true || empty($password) === true) {
$errors[] = 'You need to enter a username and password';
echo 'should not see me-1';
} else if (user_exists($username) === false) {
$errors[] = 'We can\'t find that username. Have you registered?';
echo 'should not see me-2';
} else if (user_active($username) === false){
$errors[] = 'Activation required first!';
echo 'should not see me-3';
} else {
echo 'works to here-3';
$login = login($username, $password);
if ($login === false) {
$errors[] = 'Username or password is incorrect';
echo 'should not see me-4';
} else {
$_SESSION['user_id'] = $login;
echo 'works to here-4';
print_r($_SESSION); <- Print all session variables to see if they are being set
//header('Location: index.php'); <- Commented this out as a temp test
exit();
}
}
}
echo 'works to here-5';
echo output_errors($errors);

 I know it looks a little funky, but what we are doing is breaking down each logical step to see where we are having issues.  You should see five "works to here" statements with numbers.  If you are missing a number, or it stops somewhere, we know what section to look for.

Just remember to remove all the extra crap before publishing your website.
0 Brandon Bennett · November 17, 2014
All that worked for me was 'works to here-1' and 'works to here-2'... 
0 Ron Butcher · November 18, 2014
I think the next step is to start commenting out the inside of your first if statement from 

$username = $_POST['username'];


All the way to the end of the statement. (the } that closes the last if statement).
Run the code, then uncomment each if statement until the page fails.
Here is the entire code that I have been testing with.  I took all of the code you gave so far and put in into one file called test.php.  I removed the POST if statement and manually set the username and password variables (since I do not have a form to pass information from).  This code does work.

<?php
session_start();

function sanitize($data){
return mysql_real_escape_string($data);
}

function output_errors($errors) {
$output = array();
foreach ($errors as $error) {
$output[] = '<li>'. $error. '</li>';
}
return '<ul>' . implode('', $output) . '</ul>';
}

function login($par1, $par2)
{
return true;
}

function user_exists($param)
{
return true;
}

function user_active($param)
{
return true;
}

//include 'core/init.php';
//include 'includes/overall/header.php';

echo 'works to here-1';
//if (empty($_POST) === false) {
echo 'works to here-2';
$username = 'user';//$_POST['username'];
$password = 'password';//$_POST['password'];
$errors = [];

if (empty($username) === true || empty($password) === true) {
$errors[] = 'You need to enter a username and password';
echo 'should not see me-1';
} else if (user_exists($username) === false) {
$errors[] = 'We can\'t find that username. Have you registered?';
echo 'should not see me-2';
} else if (user_active($username) === false){
$errors[] = 'Activation required first!';
echo 'should not see me-3';
} else {
echo 'works to here-3';
$login = login($username, $password);
if ($login === false) {
$errors[] = 'Username or password is incorrect';
echo 'should not see me-4';
} else {
$_SESSION['user_id'] = $login;
echo 'works to here-4';
print_r($_SESSION);   //<-  Print all session variables to see if they are being set
//header('Location: index.php');   <- Commented this out as a temp test
exit();
}
}
//}
echo 'works to here-5';
echo output_errors($errors);

// Output should be:
// works to here-1works to here-2works to here-3works to here-4Array ( [user_id] => 1 )


//include 'includes/overall/footer.php';

?>
0 Brandon Bennett · November 18, 2014
okay, I did that i still got the same result on my end - however in the process of doing that, I discovered that when I don't enter a password on my form the 'should not see me-1' appears as well as the 'works to here-5' 

Does this mean my error is in a different file?
0 Ron Butcher · November 18, 2014
That is the correct thing you should see if you leave either the password or username blank. 

 As long as the script completes, you will always see the works to here-5.  As long as your errors printed below that it looks like you are good to go.
0 Brandon Bennett · November 19, 2014
okay, so i thought i typed more (brain glitch) when i forget a user or password the first bit of code runs well, but when i do the other combos [i.e. wrong user name, wrong password, not activated] it doesn't run the script past that. 

And i must have done something good when resetting back to my code, i got a new error 

"Warning: mysqli_query() expects at least 2 parameters, 1 given in core/functions/users.php on line 12"

Does that mean i need to pass the username and password through the function?
0 Brandon Bennett · November 19, 2014
function user_exists($username) {
$username = sanitize($username);
$query = mysqli_query("SELECT COUNT(user_id) FROM `users` WHERE `username` = '$username'") or die(mysql_error());
return (mysqli_result($query, 0) ==1) ? true : false;


Thats the bit in question apparently, more specifically: 


$query = mysqli_query("SELECT COUNT(user_id) FROM `users` WHERE `username` = '$username'") or die(mysql_error());
0 Ron Butcher · November 19, 2014
mysqli needs your connect information passed as well as the query.

$link = mysqli_connect("host", "login_name", "login_password", "database");
$query = mysqli_query($link, "SELECT COUNT(user_id) FROM `users` WHERE `username`='$username'") or die(mysqli_error($link));

I like using the OOP mysqli myself
$mysqli = new mysqli("host", "login_name", login_passord", "database");
$query = $mysqli->query("SELECT COUNT(user_id) FROM `users` WHERE `username` = '$username'") or die($mysqli->error);
-1 Code Demon · November 20, 2014
Why do you need to check if the whole $_POST array is empty

if (empty($_POST) === false) {


Isn't the following code enough?
if (empty($username) === true || empty($password) === true) {

Anyway, my take on this that the $errors array is empty. That is why it doesn't display anything.
Also, make sure that the username and password is really posted.
One more thing stay away from mysql functions use mysqli instead.
0 Ron Butcher · November 20, 2014
He does need to check the $_POST array to see if it is empty.  If it is empty, and he tries to set $username to a POST variable that does not exist, the page will crash.  He could also put an else statement after checking the POST array to show the log in form if POST is empty.

PHP

124,524 followers
About

Server-side, HTML embedded scripting language used to create dynamic Web pages.

Links
Moderators