Php “解析错误:语法错误,意外的$end in…”但我的语法还好吗?
我似乎不明白为什么我会犯这个错误。语法完全正确,不是吗?很明显,这并不像切换开关那么简单Php “解析错误:语法错误,意外的$end in…”但我的语法还好吗?,php,Php,我似乎不明白为什么我会犯这个错误。语法完全正确,不是吗?很明显,这并不像切换开关那么简单 <? 为了 谢谢大家 <?php if (isset($_POST['username'])&&isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $password_hash = md5($password); if(!empty($us
<?
为了
谢谢大家
<?php
if (isset($_POST['username'])&&isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$password_hash = md5($password);
if(!empty($username)&&!empty($password)) {
$query = "SELECT `id` FROM `devand_users` WHERE `username`='$username' AND `password`='$password_hash'";
if ($query_run = mysql_query($query)) {
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0) {
echo 'Invalid username or password combination.';
} else if ($query_num_rows==1) {
echo $password_hash;
}
}
}
?>
<form action="<?php echo $current_file; ?>" method="POST">
Username: <input type="text" name="username">
Password: <input type="password" name="password">
<input type="submit" value="Login">
</form>
您的{和}不匹配。把它们排成一行,数一数。你缺少一个紧括号 固定的:
if (isset($_POST['username'])&&isset($_POST['password'])) {
$username = mysql_real_escape_string($_POST['username']);
$password = $_POST['password'];
$password_hash = md5($password);
if(!empty($username)&&!empty($password)) {
$query = "SELECT `id` FROM `devand_users` WHERE `username`='$username' AND `password`='$password_hash'";
if ($query_run = mysql_query($query)) {
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0) {
echo 'Invalid username or password combination.';
} elseif ($query_num_rows==1) {
echo $password_hash;
}
}// the missing close bracket?
}
}
这就是为什么你总是缩进你的代码
另外,您肯定应该使用来防止SQL注入攻击。您缺少一个右括号:
括号不匹配。查看格式稍有不同的代码:
if (isset($_POST['username'])&&isset($_POST['password']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$password_hash = md5($password);
if(!empty($username)&&!empty($password))
{
$query = "SELECT `id` FROM `devand_users` WHERE `username`='$username' AND `password`='$password_hash'";
if ($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0)
{
echo 'Invalid username or password combination.';
} else if ($query_num_rows==1)
{
echo $password_hash;
}
}
}
您永远不会关闭第一个..语法显然不正确。这样的随机缩进永远不会让你发现问题。你在哪一行得到错误?我是说,得了吧,那是在代码的最后一行。这一行包括了我的html表单结束标记。恭喜,你赢得了最快的速度。我不会在这样的问题上花费超过一分钟的时间。我说的是你回答的时间,因为在同一时间出现了这么多的答案,说的是同一件事!我还在学习。我还在努力掌握窍门。一旦我了解了安全性的基本知识,就会涉及到安全性。阻止SQL注入攻击的基本经验法则是避开SQL语句中包含的任何用户输入。mysql\u real\u escape\u字符串非常适合这种情况。祝你好运,坚持下去!
if(!empty($username)&&!empty($password)) {
$query = "SELECT `id` FROM `devand_users` WHERE `username`='$username' AND `password`='$password_hash'";
if ($query_run = mysql_query($query)) {
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0) {
echo 'Invalid username or password combination.';
} else if ($query_num_rows==1) {
echo $password_hash;
}
}
}
} <- Missing This
?>
<form action="<?php echo $current_file; ?>" method="POST">
Username: <input type="text" name="username">
Password: <input type="password" name="password">
<input type="submit" value="Login">
</form>
if (isset($_POST['username'])&&isset($_POST['password']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$password_hash = md5($password);
if(!empty($username)&&!empty($password))
{
$query = "SELECT `id` FROM `devand_users` WHERE `username`='$username' AND `password`='$password_hash'";
if ($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
if ($query_num_rows==0)
{
echo 'Invalid username or password combination.';
} else if ($query_num_rows==1)
{
echo $password_hash;
}
}
}