-1

Problem with code - unexpected $end ? Tried for a good half an hour now to fix this problem....

Can you spot the problem?

<?php
  session_start();

  if (!isset($_SESSION['user_id'])) {
if (isset($_COOKIE['user_id']) && isset($_COOKIE['username'])) {
  $_SESSION['user_id'] = $_COOKIE['user_id'];
  $_SESSION['username'] = $_COOKIE['username'];
}
  }
?>

<html>
<head>
</head>
<body>
test
<?php

  $dbc = mysqli_connect(localhost, hidden, hidden, hidden);

if (!isset($_GET['shipID'])) {
    $query = "SELECT user_id, shipID, IP, Image FROM ships WHERE shipID = '" .             $_SESSION['shipID'] . "'";
  }
  else {
    $query = "SELECT user_id, shipID, IP, Image FROM ships WHERE shipID = '" .     $_GET['shipID'] . "'";
  }
  $data = mysqli_query($dbc, $query);


while ($row = mysqli_fetch_array($data)) {
    if ($row['IP'] == $_SERVER["REMOTE_ADDR"])
    { 
      echo 'Cool';
  }
else { echo 'Fail' ; }

?>
</body>
</html>

The aim of the game is to testify that the IP address is the same as the one listed in the database.

Any & all help appreciated.

Sam Bowyer
  • 60
  • 7
  • 1
    Your code is vulnerable to [SQL Injection](http://stackoverflow.com/q/332365/548696) and you should [learn how to prevent it](http://stackoverflow.com/q/60174/548696). – Tadeck Oct 05 '12 at 23:15
  • Thanks for the answer, my account is banned from asking questions how - because they aren't 'real' or 'helpful' questions. I thought Stackoverflow was a php help site, I was recommended here for help with code'ing projects, so I'd like to apologise if I wasted anyones time. – Sam Bowyer Oct 07 '12 at 12:48
  • SO is a site about PHP and other technologies (read [faq]) and you were probably temporarily banned because your question was too localized (again, read [faq]). Try to gain some reputation points, and then ask questions complying with site policy. – Tadeck Oct 07 '12 at 16:58

3 Answers3

4

Your while block never ends after the else.

You can easily fix it by adding a closing(}) bracket after your last else.

Secondly, as @Tadeck has mentioned, your code is vulnerable to injection attacks. To prevent this, I would recommend either PDO or mysqli, as the mysql_* functions are deprecated.

Daedalus
  • 7,602
  • 3
  • 32
  • 58
  • @SamBowyer I've also updated it with a link to a better solution for database interaction. As to tuts, the best material in my book can be found via the manual, though if you want something more precise, please explain further. – Daedalus Oct 05 '12 at 23:20
1

Try using a more advanced text editor like Aptana, it has many built in features that make troubleshooting your code much easier. http://www.aptana.com/

arennaker
  • 63
  • 1
  • 11
0

You're not closing the brace on your while loop.

Spotting this sort of thing is a lot easier if you indent your code!

andrewsi
  • 10,995
  • 132
  • 34
  • 49
  • Thanks again. I looked at that but must have missed it. I think I need to buy some book(s) on the subject of advanced php. Is there one you can recommend? You've answered a few of my questions so I wouldn't mind a affiliate link or so on to return the favour. – Sam Bowyer Oct 05 '12 at 23:15
  • Alas, it's been so long since I started coding that I can't remember any of the books I used, and I've no idea about what's currently available. All I can suggest is that you write lots of code! – andrewsi Oct 05 '12 at 23:21