I can't seem to understand why the server gives me an error on this line: $query=mysql_query("SELECT username,passwsord FROM users WHERE username='$_SESSION[\'user\']'"); PHP: The error given is: Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\... on line 16 This is the entire code, I'm trying to do a login script and store the posted username from the field into a session: $_POST['username']; $_POST['password']; if(isset($_POST['username']) && isset($_POST['password'])){ $_SESSION['user'] = $_POST['username']; $query=mysql_query("SELECT username,passwsord FROM users WHERE username='$_SESSION[\'user\']'"); mysql_num_rows($query); if(mysql_num_rows($query)){ echo "Hello, ".mysql_result($query,0); } }else{ echo "Please login"; } PHP:
Try this: $query=mysql_query("SELECT username,passwsord FROM users WHERE username='" . $_SESSION['user'] . '"); but be carefully, you do not escape POST VARS before you pass them to the SQL query, this could cause a security problem. Take a look at this : http:// www. daniweb. com/web-development/php/threads/252291 or something similar. I neighter understood why you assign $_SESSION['user'] = $_POST['username'];??? It's better to assign it after a successfully authentication and not before isn't it? Cheers
$query=mysql_query("SELECT username,passwsord FROM users WHERE username=".$_SESSION['user'].""); PHP:
try this, $query=mysql_query("SELECT username,passwsord FROM users WHERE username='$_SESSION[user]'"); Code (markup):