-
Mar 31st, 2015, 01:52 PM
#1
Thread Starter
Hyperactive Member
[RESOLVED] Fatal error: Function name must be a string in
Hi I am trying to figure out how some code works but unfortunately the original code was poorly formatted
PHP Code:
$q = "select password from users where username = '$username'";
$result = mysql_query($q,$conn);
if(!$result(mysql_numrows($result) < 1)){ // Affected line
return 1; //Indicates username failure
}
Would be glad to find out whats wrong and a possible work around.
Last edited by tendemo; Mar 31st, 2015 at 01:56 PM.
-
Mar 31st, 2015, 02:18 PM
#2
Addicted Member
Re: Fatal error: Function name must be a string in
well i dont see any error but your title says otherwise? so whats the problem here ? the only thing that i can mention is mysql that is deprecated .
if you could be more specific maybe we can help you
let me add this too that i didnt see any function named "name"
try too paste the whole code
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 02:46 PM
#3
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Many Thanks for the reply here is the code
PHP Code:
<?
/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */
$q = "select password from users where username = '$username'";
$result = mysql_query($q,$conn);
if(!$result(mysql_numrows($result) < 1)){
return 1; //Indicates username failure
}
/* Retrieve password from result, strip slashes */
$dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
/* Validate that password is correct */
if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */
if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<?
}
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */
$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */
if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */
$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/**
* This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();
?>
-
Mar 31st, 2015, 02:51 PM
#4
Re: Fatal error: Function name must be a string in
What error are you getting?
Just a quick look at it shows that you're possibly vulnerable to SQL injection, and you allow a user to login if their username matches more than one user in the database.
It also looks like you're storing the users username and password in a cookie, which is definitely bad practice, even more so since it doesn't like you're using secure cookies.
You also shouldn't just be using md5 to hash your passwords in your database. MD5 has been shown to have collisions and so it is more recommended to do something like a SHA256 or 512 with a salt.
But I'm rambling..... so I go back to my initial statement... What error are you getting?
-
Mar 31st, 2015, 03:05 PM
#5
Addicted Member
Re: Fatal error: Function name must be a string in
Code:
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
caught a syntax error
Code:
$_SESSION['username']
i did a quick look too
but as kfcsmitty said what is the error ?
where is the name function ! its really o_O!!!!!!
Last edited by Pc Monk; Mar 31st, 2015 at 03:09 PM.
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 03:20 PM
#6
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Concerning what error I get is "Fatal error: Function name must be a string in line 35"
Line 35
reads Fatal error: Function name must be a string in
Concerning where is the name find the reference as to where I got the code as I was trying to use it as an example to find out how it works.
See full code reference I using here
http://evolt.org/php_login_script_wi...er_me_feature/
Thanks again
Last edited by tendemo; Mar 31st, 2015 at 03:21 PM.
Reason: typo error
-
Mar 31st, 2015, 04:06 PM
#7
Addicted Member
Re: Fatal error: Function name must be a string in
just edit that piece of it and run it for me
its like a hunch u know
Code:
if ($result = mysql_query($q,$conn)) {
echo mysql_error();
}
else {
die('its okay');
}
If(!$result(mysql_numrows($result) < 1)){
return 1;*//Indicates*username*failure*
}
Last edited by Pc Monk; Mar 31st, 2015 at 04:15 PM.
Reason: after all this dirty work
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 04:13 PM
#8
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Hi I just ran the script that you gave an received the following error
Code:
Parse error: syntax error, unexpected '*' in /home/tighrebu/public_html/bea/test.php on line 1
Thanks
-
Mar 31st, 2015, 04:21 PM
#9
Addicted Member
Re: Fatal error: Function name must be a string in
well i dont know which one u ran after all that ..... ******* try this
PHP Code:
<?
/** * Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ $q = "select password from users where username = '$username'";
if ($result = mysql_query($q,$conn)) {
echo mysql_error(); } else{ die(‘finaly’); }
if(!$result(mysql_numrows($result) < 1)){
return 1; //Indicates username failure
}
/* Retrieve password from result, strip slashes */ $dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
/* Validate that password is correct */ if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/** * checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/** * Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1> <form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<? }
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */ if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/** * This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */ echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin();
?>
and that was just * u had to remove from line 1 from test.php anyway
Last edited by Pc Monk; Mar 31st, 2015 at 04:24 PM.
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 04:22 PM
#10
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Sorry ignore Let me try and correct then send what I have just some quick typos . Will send the results .Thanks
Originally Posted by tendemo
Hi I just ran the script that you gave an received the following error
Code:
Parse error: syntax error, unexpected '*' in /home/tighrebu/public_html/bea/test.php on line 1
Thanks
-
Mar 31st, 2015, 04:47 PM
#11
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Okay Ater adding the code I got this
PHP Code:
<?
/** * Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ if ($result = mysql_query($q,$conn)) { echo mysql_error(); } else { die('its okay'); } If(!$result(mysql_numrows($result) < 1)){ return 1; /*Indicates*username*failure*/
}
}
/* Retrieve password from result, strip slashes */ $dbarray = mysql_fetch_array($result);
$dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
/* Validate that password is correct */ if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
// }
/** * checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/** * Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1> <form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<? }
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if($_POST['!user'] || $_POST['!pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */ if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/** * This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */ echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin();
?>
Now I have an error that states
Code:
Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in /home/tighrebu/public_html/bea/login.php on line 45
Line 45 is
Code:
$dbarray = mysql_fetch_array($result);
-
Mar 31st, 2015, 05:09 PM
#12
Addicted Member
Re: Fatal error: Function name must be a string in
try this
PHP Code:
<?
/** * Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ $q = "select password from users where username = '$username'";
if ($result = mysql_query($q,$conn)) {
echo "lets try it agian"; echo mysql_error(); } else{ die('finaly'); }
if(!$result(mysql_numrows($result) < 1)){
echo "I want it here again".$result."<br>"; return 1; //Indicates username failure
} echo "I want it here again".$result."<br>"; /* Retrieve password from result, strip slashes */ $dbarray = mysql_fetch_array($result); echo "I want it here again".$result."<br>"; $dbarray['password'] = stripslashes($dbarray['password']);
$password = stripslashes($password);
/* Validate that password is correct */ if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/** * checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/** * Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1> <form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<? }
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */ if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/** * This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */ echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin();
?>
and are you trying to get the password out ?
+ is the password encrypted ? what kind of encryption ?
Last edited by Pc Monk; Mar 31st, 2015 at 05:12 PM.
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 05:18 PM
#13
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Hmm let me put it this way. I have a landing page index.html . When a user reaches there he can either log in or sign up. However once a user has signed up, if the user returns to the index page at any other time , they should be redirected to a main page which also has their credentials stored in some variables.
I want the user to be automatically logged in once they return, hence no need for login or registration except they change their computer.
Hope it makes sense.
-
Mar 31st, 2015, 05:38 PM
#14
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Okay tried it and got stuck here
Code:
Parse error: syntax error, unexpected 'password' (T_STRING) in /home/tighrebu/public_html/bea/test3.php on line 53
here is the line
Code:
$dbarray['password'] = stripslashes($dbarray['password']);
I ran it as
-
Mar 31st, 2015, 06:01 PM
#15
Addicted Member
Re: Fatal error: Function name must be a string in
well i could get dreamweaver now but the localhost no chance
and tell me what was the output of the last code please
and after that try this ! a new way hope it works
PHP Code:
<?
/** * Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ $q = "select password from users where username = '$username'";
if ($result = mysql_query($q,$conn)) {
echo "lets try it agian"; echo mysql_error(); } else{ die('finaly'); }
$while(dbarray=mysql_fetch_assoc($result)) { $dbpsswd = $dbarray['password']; echo $dbpswd."this is it"; } $dbarray['password'] = stripslashes($dbarray['password']); $dbwout = stripsplashes($dbpwssd); echo "this is mine".$dbwout; echo " this is yours".$dbarray['password']; $password = stripslashes($password); echo $password."this is user"; /* Validate that password is correct */ if($password == $dbarray['password']){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/** * checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/** * Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1> <form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<? }
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */ if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/** * This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */ echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin();
?>
AND HERE IT COMES ANOTHER EDIT AFTER I SAW UR POST
PHP Code:
<?
/** * Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ $q = "select password from users where username = '$username'";
if ($result = mysql_query($q,$conn)) {
echo "lets try it agian"; echo mysql_error(); } else{ die('finaly'); }
while($dbarray=mysql_fetch_assoc($result)) { $dbpsswd = $dbarray['password']; echo $dbpswd."this is it"; } $dbwout = stripsplashes($dbpwssd); echo "this is mine".$dbwout; echo " this is yours".$dbarray['password']; $password = stripslashes($password); echo $password."this is user"; /* Validate that password is correct */ if($password == $dbwpout){
return 0; //Success! Username and password confirmed
}
else{
return 2; //Indicates password failure
}
}
/** * checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
/* Check if user has been remembered */
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
$_SESSION['username'] = $_COOKIE['cookname'];
$_SESSION['password'] = $_COOKIE['cookpass'];
}
/* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){
/* Confirm that username and password are valid */
if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
/* Variables are incorrect, user not logged in */
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
}
/* User not logged in */
else{
return false;
}
}
/** * Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $logged_in;
if($logged_in){
echo "<h1>Logged In!</h1>";
echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
}
else{
?>
<h1>Login</h1> <form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
<? }
}
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
die('You didn\'t fill in a required field.');
}
/* Spruce up username, check length */
$_POST['user'] = trim($_POST['user']);
if(strlen($_POST['user']) > 30){
die("Sorry, the username is longer than 30 characters, please shorten it.");
}
/* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */ if($result == 1){
die('That username doesn\'t exist in our database.');
}
else if($result == 2){
die('Incorrect password, please try again.');
}
/* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/** * This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
/* Quick self-redirect to avoid resending data on refresh */ echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin();
?>
Last edited by Pc Monk; Mar 31st, 2015 at 06:17 PM.
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 06:28 PM
#16
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Second to last one gives me
Code:
Parse error: syntax error, unexpected '=' in /home/tighrebu/public_html/bea/post15.php on line 42
The last one gives a totally Blank page !
-
Mar 31st, 2015, 06:43 PM
#17
Addicted Member
Re: Fatal error: Function name must be a string in
can you use mysql_connect into this page and remove the $conn part in our query here :
PHP Code:
function confirmUser($username, $password){
global $conn;
/* Add slashes if necessary (for query) */
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
/* Verify that user is in database */ $q = "select password from users where username = '$username'";
if ($result = mysql_query($q,$conn)) {
echo "lets try it agian"; echo mysql_error(); } else{ die('finaly'); }
and then change the if part to this :
PHP Code:
if (!$result = mysql_query($q)) {
echo "lets try it agian"; echo mysql_error(); }
and then put an echo here :
PHP Code:
/* Validate that password is correct */ if($password == $dbwpout){ echo "happy to hear"; return 0; //Success! Username and password confirmed
}
else{ echo "oh no "; return 2; //Indicates password failure
}
Last edited by Pc Monk; Mar 31st, 2015 at 06:48 PM.
Body Language tells the truth! even from the grave tsaeb eht morf gninnur ,nwod deaH
All the big things started from little! teef my tsap evom sekans ,duol raor slluB
Lietome.ir
-
Mar 31st, 2015, 07:15 PM
#18
Thread Starter
Hyperactive Member
Re: Fatal error: Function name must be a string in
Both of them return a Blank screen.
-
Mar 31st, 2015, 09:54 PM
#19
Re: Fatal error: Function name must be a string in
I was not quite able to keep up with all the posts. But you missed an underscore in a function name. You put "mysql_numrows". It should be "mysql_num_rows". Not sure if this will fix your original issue.
You should also be using MySQLi or PDO since mysql_ functions are no longer supported or even recommended
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|