[prev in list] [next in list] [prev in thread] [next in thread] 

List:       php-windows
Subject:    [PHP-WIN] PHP help: login.php T_ELSE error
From:       81.97.23.152
Date:       2004-07-30 4:31:15
Message-ID: 20040729202733.60166.qmail () pb1 ! pair ! com
[Download RAW message or body]

Please could somebody help me with this. I'm quite new to PHP. I can't seem
to find what needs to bechanged in this.

// session id check
if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
{
 $sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] :
$HTTP_GET_VARS['sid'];
}
else
{
 $sid = '';
}

if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ||
isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
 if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) )
&& !$userdata['session_logged_in'] )
 {
  $username = isset($HTTP_POST_VARS['username']) ?
trim(htmlspecialchars($HTTP_POST_VARS['username'])) : '';
  $username = substr(str_replace("\\'", "'", $username), 0, 25);
  $username = str_replace("'", "\\'", $username);
  $password = isset($HTTP_POST_VARS['password']) ?
$HTTP_POST_VARS['password'] : '';

  $sql = "SELECT user_id, username, user_password, user_active, user_level
   FROM " . USERS_TABLE . "
   WHERE username = '" . str_replace("\\'", "''", $username) . "'";
  if ( !($result = $db->sql_query($sql)) )
  {
   message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__,
__FILE__, $sql);
  }

  if( $row = $db->sql_fetchrow($result) )
  {
   if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
   {
    redirect(append_sid("index.$phpEx", true));
   }
   else
   {
    if( md5($password) == $row['user_password'] && $row['user_active'] )
    {
     $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;

     $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX,
FALSE, $autologin);

     if( $session_id )
     {
      $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&',
'&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
      redirect(append_sid($url, true));
     }
     else
     {
      message_die(CRITICAL_ERROR, "Couldn't start session : login", "",
__LINE__, __FILE__);
     }
    }
    else
    {
     $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ?
str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) :
'';
     $redirect = str_replace('?', '&', $redirect);

               }
                           if (strstr(urldecode($redirect), "\n") ||
strstr(urldecode($redirect), "\r"))
               {
                  message_die(GENERAL_ERROR, 'Tried to redirect to
potentially insecure url.');
               }
     $template->assign_vars(array(
      'META' => "<meta http-equiv=\"refresh\"
content=\"3;url=login.$phpEx?redirect=$redirect\">")
     );

     $message = $lang['Error_login'] . '<br /><br />' .
sprintf($lang['Click_return_login'], "<a
href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .
sprintf($lang['Click_return_index'], '<a href="' .
append_sid("index.$phpEx") . '">', '</a>');

     message_die(GENERAL_MESSAGE, $message);
    }
   }
  }
  else
  {
   $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ?
str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) :
"";
   $redirect = str_replace("?", "&", $redirect);

   $template->assign_vars(array(
    'META' => "<meta http-equiv=\"refresh\"
content=\"3;url=login.$phpEx?redirect=$redirect\">")
   );

   $message = $lang['Error_login'] . '<br /><br />' .
sprintf($lang['Click_return_login'], "<a
href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .
sprintf($lang['Click_return_index'], '<a href="' .
append_sid("index.$phpEx") . '">', '</a>');

   message_die(GENERAL_MESSAGE, $message);
  }
 }
 else if( ( isset($HTTP_GET_VARS['logout']) ||
isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
 {
  if( $userdata['session_logged_in'] )
  {
   session_end($userdata['session_id'], $userdata['user_id']);
  }

  if (!empty($HTTP_POST_VARS['redirect']) ||
!empty($HTTP_GET_VARS['redirect']))
  {
   $url = (!empty($HTTP_POST_VARS['redirect'])) ?
htmlspecialchars($HTTP_POST_VARS['redirect']) :
htmlspecialchars($HTTP_GET_VARS['redirect']);
   $url = str_replace('&amp;', '&', $url);
   redirect(append_sid($url, true));
  }
  else
  {
   redirect(append_sid("index.$phpEx", true));
  }
 }
 else
 {
  $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&',
htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
  redirect(append_sid($url, true));

}


 //
 // Do a full login page dohickey if
 // user not already logged in
 //
**** else if( !$userdata['session_logged_in'] )  *****
 {
  $page_title = $lang['Login'];
  include($phpbb_root_path . 'includes/page_header.'.$phpEx);


**** That's the error line, Line 158
Parse error: parse error, unexpected T_ELSE in
/home/site/public_html/phpBB2/login.php on line 158

-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[prev in list] [next in list] [prev in thread] [next in thread]