Hoax Toolbox PHP error

[ayu]

I was going to setup hoax toolbox today, but when i get to the Admin login screen i insert username and password and press login

after that i get

Parse error: parse error, unexpected $end in C:\wamp2\www\zor\hoax\html\admin\validate.php on line 72



i checked validate.php and there is no $end whatsoever in the whole file.
could someone help me out here?

oh..and when i try to click the "index table" in the sql db it says something about wrong syntax.

ok so to be more exakt it says

"1064- You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for tge right syntax to use near 'index' at line 1"

could somebody help me out here?

[FrankB]

Parse error: parse error, unexpected $end in C:\wamp2\www\zor\hoax\html\admin\validate.php on line 72

Paste the source code here, mostly the PHP_warnings return that errors when there's a unclosed flow controll in the PHP or an unused variable or a function not nested correctly and things like that.
Maybe, your php.ini file is too strict with you

i checked validate.php and there is no $end whatsoever in the whole file.
could someone help me out here?

LOL! You don't have to look for "$end", that's the PHP warning itself as stated in your php.ini file under section "Notice & Warnings" if i remember correclty (Gogeta, heeeeelp)

"1064- You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for tge right syntax to use near 'index' at line 1"

You used a reserved word probabley , check
http://www.modwest.com/help/kb6-265.html
And come back.

PS: you could have goOgled that last one yourself, neo130, come on ...
'kay, enough spanking, sorry.
Hope all that Helps.

--
FrankB

[ayu]

<?php
// valid login credentials
$type = $_POST['type'];
$user = $_POST['user'];
include ("include/config.php");

$sql=mysql_query("SELECT * FROM `login` WHERE Status='$type' AND Username='$user'") or die (mysql_error());
while($row=mysql_fetch_array($sql))
{
$username="$row[Username]";
$password="$row[Password]";
}

// grab current time
$time=time();

// handle the logout event
if ($logout == true) {
setcookie ("user", $_POST[user], $time-3200);
setcookie ("pass", md5($_POST[pass]), $time-3200);
setcookie ("type", $_POST[type], $time-3200);
header("Location: index.php");
}

// handle validation event
if ($_POST[user] && $_POST[pass]) {
if ($_POST[user]==$username && $_POST[pass]==$password) {
setcookie ("user", $_POST[user], $time+3200);
setcookie ("pass", md5($_POST[pass]), $time+3200);
setcookie ("type", $_POST[type], $time+3200);
header("Location: validate.php");
} else { $login_error= true; }
}

// handle login event, both successful and erroneous, or show login screen
if ($login_error == true) {
include("include/config.php");
include("include/theme.php");
echo "<center><img src='themes/$theme/header.gif'></center><hr>";
?>


<table align=center style="font-family:arial; font-size:12; border:1 solid #000000;">
<tr><td align=center bgcolor=#123dd4>LOGIN ERROR</td></tr>
<tr><td align=center><b>Invalid Username and/or Password</b><br><br><a href=index.php>Back</a></td></tr>
</table><p>


<?

} elseif ($_COOKIE[user] == md5($username) && $_COOKIE[pass] == md5($password)) {
include("include/config.php");
include("include/theme.php");

echo "<center><img src='themes/$theme/header.gif'></center><hr>";
echo "<center><p><h3>Thank you. You will now be redirected.</h3><p><a href='main.php'>Click here if you do not wish to wait.</a>";
echo '<META HTTP-EQUIV="Refresh" CONTENT="2; URL=main.php">';

} else {
include("include/config.php");
include("include/theme.php");
echo "<center><img src='themes/$theme/header.gif'></center><hr>";
echo "<center><p><h3>Thank you. You will now be redirected.</h3><p><a href='main.php'>Click here if you do not wish to wait.</a>";
echo '<META HTTP-EQUIV="Refresh" CONTENT="2; URL=main.php">';

}
include ("include/include.php");

?>
<hr><div align='right'>Created By NabZ</div></b>






yeah and sorry about my lazyness ;P
im just so sick of this error, i think it has something todo with the Mysql database since it has a list of reserved words where "index" is one of them it seems.

[FrankB]

I downloaded the whole thing and i must say : I *never* have seen such spaghetti code ?
Who wrote that shit ??

Well at least, if you make these very *weird* databes, it works halfly,
check it at my site :

REMOVED now become useless link

.. but i left it there as is, ii only modifyed the validate.php page seriously and cleaned up the pointless jibberish on all the other pages.

Truely, these snippets are just a .. validation for custom layout and that's it. Nothing more.

Why are such things written anyway. If it is an exercise, it is a bad one.

--
FrankB

[ayu]

Dunno.....the thing is that the Toolbox works fine on my other computer...but i cant use that one as a webserver since its a workcomputer i need to have in my backpack (lapptop)

so do you have a fix for the validate problem? and can you share it? =P

[Gogeta70]

Post the WHOLE validate.php file, so i can lookover it. Html and all. Either that, or tell me which line is line 72...

[Edit] Never mind... That code is HORRIBLE. I looked over it and saw stuff so syntactically incorrect it's insane. Plus, that code isn't very secure either. I suggest you find something else to do what you need.

[FrankB]

Never mind... That code is HORRIBLE. I looked over it and saw stuff so syntactically incorrect it's insane.

There we go. I thought the same thing when i saw it.
And when you clear it up, it does absolutely nothing exceptional...
index.php goes to validate.php that includes a MySQL database connection for validation.
Point.
Except, in that hoax Toolbox, it is like going from New York to London with a halt in Peking..

--
FrankB

[FrankB]

so do you have a fix for the validate problem? and can you share it? =P

Sure but you have to have two tables in a database somewhere.. Do you have them (is your MySQL error fixed ?)

Do this first :

Code: Select all

>mysql -h yourhost -u granted_user -p
>password 

>use test;
>create table login(
ID int not null primary key auto_increment,
Name varchar(20),
Pass varchat(20), /* not PASSWORD */
Type enum('Admin','Mini')
);
>insert into login(Name,Status,Pass,Type) values('demo','demo','Admin'); /* now you have at least sumthing to check & validate... */

>create table themes(
ID int not null primary key auto_increment,
Name enum('Msn','Dark','Whatever'),
Inuse enum('Yes','No')
);
> /* again, we feed that table with some data*/
>insert into themes(Name,Inuse) values('Msn','Yes');
>\q

Now for the PHP, here is the dirty "validate.php" how i left it and working..

Code: Select all

<?php
// valid login credentials
$type = $_POST['type'];
$user = $_POST['user'];
$pass=$_POST['pass'];
$time=time();
include ("include/config.php");
include("include/theme.php");
if (isset($_POST['user']) && isset($_POST['pass'])) {
$sql=mysql_query("SELECT * FROM login WHERE Name='$user'") or die (mysql_error());
$res=mysql_fetch_array($sql,MYSQL_ASSOC);
$username=$res['Name'];
$password=$res['Pass'];
 if ($_POST['user']==$username && $_POST['pass']==$password) {
 setcookie("userstuff","$username.$password.$type",$time+3600);
 echo "<center><img src='themes/$theme/header.gif'></center><hr>
       <h3>Thank you. You will now be redirected.</h3>
	   <p><a href='main.php'>Click here if you do not wish to wait.</a>
 		<hr><div align='right'>Created By NabZ</div>";
 echo '<META HTTP-EQUIV="Refresh" CONTENT="2; URL=main.php">';
#that line is USELESS!
mysql_close($conn);
 } else {

 echo "<table align=center style="font-family:arial; font-size:12; border:1 solid #000000;">
  <tr><td align=center bgcolor=#123dd4>LOGIN ERROR</td></tr>
  <tr><td align=center><b>Invalid Username and/or Password</b><br><br><a href=index.php>Back</a></td></tr>
 </table><p>";
}
}
// handle the logout event but that is useless crap here
?>

Al what the included config.php does is making a database connection (but the original `coder' forgot to close the damn connection..
So

Code: Select all

 config.php
$conn = mysql_connect('host','user','password') or die ('cannot do it because'. mysql_error()));
$db=mysql_select_db('test',$conn);

--
FrankB[/code]

[ayu]

That kinda made everything worse ^^

now it's all fucked up =P



Parse error: parse error, unexpected ')' in C:\wamp2\www\zor\hoax\html\admin\include\config.php on line 15

(think it's that

$conn = mysql_connect('host','user','password') or die ('cannot do it because'. mysql_error()));
$db=mysql_select_db('test',$conn);

thingy)

i might have placed it wrong = / being me and all


the weird thing is that it actually worked b4 when it was original...just that it doesnt work with a new MySQL database.... i think it has something to do with some words being reserved..... but i dont know how to change them...lets say that "index" is reserved... but i dont know how to changed "index" everywere in the scripts to something not reserved because i might mess it up

[FrankB]

That kinda made everything worse ^^
now it's all fucked up =P

That's what you get for using spaghetti code :p

Parse error: parse error, unexpected ')' in C:\wamp2\www\zor\hoax\html\admin\include\config.php on line 15
(think it's that
$conn = mysql_connect('host','user','password') or die ('cannot do it because'. mysql_error()));
thingy)

Yes, sorry, that extra ")" was a typo of mine, but then again, you *could* have figured that out by yourself, no ?

In fact, that "or die" error for mmysql connections with PHP is a bit obsolete, if you have E_Notice & Warnings set on ALL in PHP.ini, it gives a ERROR-reason anyhow.
the "die" statement is more useful for other socketting.

lets say that "index" is reserved...

it is, it puts like a fingering browsing "index" on a key or row..

but i dont know how to changed "index" everywere in the scripts to something not reserved because i might mess it up

If you have named field values as "index" then use the ALTER command or just DROP the table and restart from scratch.

Code: Select all

>mysql alter table `tablename` change `index`  index_field varchar(50)
 /* or whatever you want it to be */

[ayu]

harr harr thank you ^^

[ayu]

alright so now i got the database working byt replacing ALL the "index" in every fucking file and in the database sql query file, but i still get the validation error, and when i use your code i get "Unknown column 'Name' in 'where clause'"

do you think you can fix so that it redirects me after the login? :S i mean...so that it actually works =P

[FrankB]

alright so now i got the database working byt replacing ALL the "index" in every fucking file and in the database sql query file

Err.. there should be two tables, can you count, ras, tva, tri ?

but i still get the validation error,

Maybe your software doesn't like you, because it works all as it should on my side awith the exact same fucking code..

and when i use your code i get "Unknown column 'Name' in 'where clause'"

Since you speak about only one table, i bet the other table with field "Name" simply doesn't exist.
That's why.

And stop saying you used my code. If you would, it would work: i am not known for giving wrong code. ALL my fucking code works and even afters hours of debugging i have ALWAYS found the tiniest error.
SO, you said ?

do you think you can fix so that it redirects me after the login? :S i mean...so that it actually works =P

It is useless anyway: somebody must have put a spell on your computer. Buy another one and i will learn you how to make a REAL secure validation procedure alledgelly using PHP.

C you later aligator.

(Sorry, pal, i hade some bad times and reading this forum and its weird contributors doesn't do any good, so don't take it personally)

--
FrankB