Parse error: syntax error, unexpected 'md5' (T_STRING)

Question

Here is my PHP code :

 $query = "INSERT INTO `user` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '"md5(md5($_POST['email']).$_POST['password'])"')";

I cann't avoid these lines error report like this:

Parse error: syntax error, unexpected 'md5' (T_STRING) in G:\Private files\xampp\phpMyAdmin\abc\projects\diary.php on line 32

Help from anyone is expected...

Please spend some time googling about md5 for passwords, and why it's bad; and then switch to using PHP's built-in password_hash() and password_verify() functions instead — Mark Baker, Jul 09 '15 at 10:58
Please also spend some time googling/reading about prepared statements and bind variables for your SQL — Mark Baker, Jul 09 '15 at 10:58

score 0 · Answer 1 · answered Jul 09 '15 at 10:55

0

Create a variable, then assign value to that variable, pass that variable to query. This will give better readability and less errors
Code shown below..


    $value = md5(md5($_POST['email']).$_POST['password']);
    $query = "INSERT INTO user (email, password) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '$value')";

answered Jul 09 '15 at 10:55

Unni Babu

1,839
12
16

Thanks, brother.... Now it is working.... – Maruf Ahmad Jul 09 '15 at 15:10
@MarufAhmad.. bhai please dont forget to select this answer :) thanks – Unni Babu Jul 09 '15 at 17:29

score 0 · Answer 2 · answered Jul 09 '15 at 10:55

0

It's simple a Syntax error: you forget the dots on "md5(md5($_POST['email']).$_POST['password'])"

Change this part to ".md5(md5($_POST['email']).$_POST['password'])."

answered Jul 09 '15 at 10:55

Fabi755

1,495
1
12
29

Parse error: syntax error, unexpected 'md5' (T_STRING)

2 Answers2