Mencarta Posted January 17, 2010 Share Posted January 17, 2010 I have a page to change passwords. This is my script:changepass.php <?php require_once("dbconnect.php"); //Include Database Connection Script session_start(); //Check Fields if (empty($_POST["username"]) || empty($_POST["password"])) { echo "Please Fill Out All Fields"; exit; } if ($_POST["newpass1"] != $_POST["newpass2"]) { echo "The Passwords Provided Aren't The Same"; exit; } $curpass = sha1($_POST["curpass"]); //Convert Current Password To Sha1 $newpass = sha1($_POST["newpass1"]); //Convert New Password To Sha1 $user = $_SESSION["username"]; $sql = "SELECT * FROM users WHERE username='$_SESSION['username']' and password='$curpass'"; $result = mysql_query($sql); if (mysql_num_rows($result) == 0) { echo "Wrong Current Password"; exit; } $update = "UPDATE users SET password='$newpass' WHERE username='$user' and password='$curpass'"; $result2 = mysql_query($update);?> I get this error: Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /www/zxq.net/p/j/h/pjhdramaclub/htdocs/manage/changepass.php on line 20 Any suggestions? Link to comment Share on other sites More sharing options...
Ingolme Posted January 17, 2010 Share Posted January 17, 2010 You might want to update this line: $sql = "SELECT * FROM users WHERE username='$_SESSION['username']' and password='$curpass'"; Since you're already defining a $user variable, you might as well use it: $sql = "SELECT * FROM users WHERE username='$user' and password='$curpass'"; I'm not sure which one is line 20, but if that's the line, then the probem is most likely because you had the $_SESSION variable without braces {} around it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.