1

this is my codei'm facing a syntax problem with my php code, can anyone please tell me where is the error ? thanks

 $requete = "SELECT count(*) FROM Utilisateur where 
    Nom_utilisateur = '".$username."' and mot_de_passe = '".$password."' ";
mery
  • 43
  • 7
  • 4
    [Please, whatever you do, have a read up on SQL injections.](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – thordarson Apr 22 '18 at 17:49
  • look like some of values are '' – Proxytype Apr 22 '18 at 17:50
  • @thordarson thanks , i will. – mery Apr 22 '18 at 17:50
  • 1
    Look like a valid expression to me. Are you sure is the place, the error occurs? – sticky bit Apr 22 '18 at 17:56
  • If you are using plain text passwords please stop that. https://stackoverflow.com/questions/1197417/why-are-plain-text-passwords-bad-and-how-do-i-convince-my-boss-that-his-treasur – chris85 Apr 22 '18 at 17:59
  • @stickybit yes i'm sure, should i use prepared statements maybe? – mery Apr 22 '18 at 18:00
  • Possible duplicate of [PHP parse/syntax errors; and how to solve them?](https://stackoverflow.com/questions/18050071/php-parse-syntax-errors-and-how-to-solve-them) – Nigel Ren Apr 22 '18 at 18:00
  • Prepared statements would be better for multiple reasons, but the error doesn't appear to be related to the code presented. – chris85 Apr 22 '18 at 18:01
  • i added a picture of my code in _komodo IDE_ – mery Apr 22 '18 at 18:07
  • 1
    Given by your screenshot, you're missing a ' after localhost, line 9. It's sometimes good to look at the color highlighting in your code editor. Wherever the colors start going off or the highlighting stops working there's probably a parsing error. – thordarson Apr 22 '18 at 18:07
  • @mery: Yes you should use prepared statements in general as you've been told already. Is the error message giving you a line number? And this is the line? Be aware that the actual error mustn't necessarily be on that line. It's just the line the parser gets something unexpected. It might be unexpected for it because something some lines above did make it "think" like that. – sticky bit Apr 22 '18 at 18:08
  • @thordarson you're right thank you. – mery Apr 22 '18 at 18:12

2 Answers2

0

I checked this correct. I think you have something written wrong your varaible name. Please check everthing carefully. You can also write {$username} instead of " ' . . ' "

Ericgit
  • 6,089
  • 2
  • 42
  • 53
0

In line 9 $db_host = 'localhost; you don't have closing '.

Zafahix
  • 161
  • 6