-1

I have an error in my code

( ! ) Parse error: syntax error, unexpected 'else' (T_ELSE) in C:\wamp64\www\cms\include\registor.php on line 32

line 32

And I can't find a solution.

This is my code:

<?php
include_once('config.php');
if(isset($_POST['submit'])){
  $username = strip_tags($_POST['username']);
  $email    = $_POST['email'];
  $gender   = $_POST['gender'];
  $about    = strip_tags($_POST['about']);
  $facebook = htmlspecialchars($_POST['facebook']);
  $snapchat = htmlspecialchars($_POST['snapchat']);
  $twitter  = htmlspecialchars($_POST['twitter']);
  $date     = date("Y-m-d");

  if(empty($username)){
    echo '<div class="alert alert-danger" role="alert">الرجاء ادخال اسم المستخدم</div>';
  }elseif(empty($email)){ 
    echo '<div class="alert alert-danger" role="alert">الرجاء ادخال البريد الالكتروني</div>';
  }elseif(!filter_var($email, FILTER_VALIDATE_EMAIL)){
    echo '<div class="alert alert-danger" role="alert">الرجاء ادخال بريد الكتروني صحيح</div>';
  }elseif(empty($_POST['password'])){
    echo '<div class="alert alert-danger" role="alert">الرجاء ادخال كلمة المرور</div>';
  }elseif(empty($_POST['con_password'])){
    echo '<div class="alert alert-danger" role="alert">الرجاء تاكيد كلمة المرور</div>';
  }elseif($_POST['password'] != $_POST['con_password']){
    echo '<div class="alert alert-danger" role="alert">كلمة المرور غير متطابقة</div>';
  }else{
     $sql_username = mysqli_query ($conn, "SELECT `username` FROM `users` WHERE `username` = '$username'");
     $sql_email = mysqli_query ($conn, "SELECT `email` FROM `users` WHERE `email` = '$email'");
     if(mysqli_num_rows($sql_username) > 0){
        echo '<div class="alert alert-danger" role="alert">عذراً لكن اسم المستخدم مسجل بالفعل</div>'; 
     }elseif(mysqli_num_rows($sql_email) > 0)
     echo '<div class="alert alert-danger" role="alert">عذراً لكن الاميل مسجل بالفعل</div>';
     }else{
         if(isset($_FILES['image'])){
              $image = $_FILES['image'];
              $image_name = $image['name'];
              $image_tmp = $image['tmp_name'];
              $image_size = $image['size'];
              $image_error = $image['error'];

              $image_exe = explode('.' , $image_name);
              $image_exe = strtolower(end($image_exe));

              $allowd = array('png','gif','jpg','jpeg');

              if(in_array($image_exe , $allowd)){
                  if($image_error === 0){
                      if($image_size <= 3000000){
                         $new_name = uniqid('user',false) . '.' . $image_exe;
                         $image_dir = '../images/avatar/' . $new_name;
                         $image_db =  'images/avatar/' . $new_name;
                        if(move_uploaded_file($image_tmp , $image_dir)){
                        $password = md5($_POST['password']);
                        $insert = "INSERT INTO `users` (`username`,
                                                        `email`, 
                                                        `password`, 
                                                        `gender`, 
                                                        `avatar`, 
                                                        `about_user`, 
                                                        `facebook`, 
                                                        `twitter`, 
                                                        `snapchat`, 
                                                        `reg_date`, 
                                                        `role`)
                                                         VALUES
                                                        ('$username',
                                                         '$email',
                                                         '$password',
                                                         '$gender',
                                                         '$image_db',
                                                         '$about',
                                                         '$facebook',
                                                         '$snapchat',
                                                         '$twitter',
                                                         '$date',
                                                         'user')";
                        $insert_sql = mysqli_query($conn , $insert);
                        if(isset($insert_sql)){
                            echo '<div class="alert alert-success" role="alert">تمت عملية التسجيل بنجاح</div>';
                        }                                                    
                          }else{
                              echo '<div class="alert alert-danger" role="alert">عذراً حدث خطا اثناء رفع الصورة</div>';
                          }
                      }else{
                          echo '<div class="alert alert-danger" role="alert">عذراً حجم الصورة اكبر من 2 ميغابايت</div>';
                      }
                  }else{
                        echo '<div class="alert alert-danger" role="alert">عذراً ’ حدث خطاء غير متوقع اثناء رفع الصورة</div>';  
                  }
              }else{
                echo '<div class="alert alert-danger" role="alert">الرجاء اختيار صوره صالحة</div>';  
              }
          }

     }
  }
}

?>

Thank you for your help.

Vadim Kotov
Mohammed
  • 1
    **WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add any data to your query. **DO NOT** use string interpolation or concatenation to accomplish this because you have created a severe [SQL injection bug](http://bobby-tables.com/). **NEVER** put `$_POST`, `$_GET` or data *of any kind* directly into a query, it can be very harmful if someone seeks to exploit your mistake. `htmlspecialchars` is **NOT** an escaping method for SQL. – tadman Sep 25 '19 at 19:40
  • 1
    Note: The [object-oriented interface to `mysqli`](https://www.php.net/manual/en/mysqli.quickstart.connections.php) is significantly less verbose, making code easier to read and audit, and is not easily confused with the obsolete `mysql_query` interface where missing a single `i` can cause trouble. Example: `$db = new mysqli(…)` and `$db->prepare("…")` The procedural interface is largely an artifact from the PHP 4 era when `mysqli` API was introduced and should not be used in new code. – tadman Sep 25 '19 at 19:40
  • 1
    **WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/master/authentication) built-in. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security) and **never store passwords as plain-text** or a weak hash like **SHA1 or MD5**. – tadman Sep 25 '19 at 19:40
  • This code is structured in a way that makes it very, very hard to follow. This is primarily because of an excessive level of nesting. It's secondarily caused by a lack of consistent indentation. The best way to solve problems like this is to reduce complexity by shifting code into functions and calling those instead of having wildly nested conditions. – tadman Sep 25 '19 at 19:41
  • You're missing a `{` at the end of this line: `}elseif(mysqli_num_rows($sql_email) > 0)` – Nick Sep 28 '19 at 05:37

1 Answer

1

You are missing an opening curly brace on line #31

}elseif(mysqli_num_rows($sql_email) > 0)

needs to be

}elseif(mysqli_num_rows($sql_email) > 0) {

Please see the comments; @tadman brings up great points.

Napoli
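
As an added example (not code from the question or the answer): the registration's duplicate check and INSERT written with the object-oriented `mysqli` interface, bound parameters, and `password_hash()` in place of `md5()`, as the comments on the question recommend. The function name `register_user`, its return codes and the `$avatarPath` argument are assumptions; the table and column names are those in the question.

```php
<?php
// Added example, not the asker's code. Assumes $db is an open mysqli connection
// (e.g. from config.php) and that `users`.`password` is at least VARCHAR(255).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

function register_user(mysqli $db, array $post, string $avatarPath): string
{
    $username = trim($post['username'] ?? '');
    $email    = trim($post['email'] ?? '');
    $password = $post['password'] ?? '';
    if ($username === '' || $password === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return 'invalid_input';
    }

    // Duplicate check: user input travels as bound parameters, never as SQL text.
    $check = $db->prepare('SELECT `username` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1');
    $check->bind_param('ss', $username, $email);
    $check->execute();
    $check->bind_result($foundUser);
    $taken = $check->fetch();   // true when a row matched, null when none did
    $check->close();
    if ($taken) {
        return strcasecmp($foundUser, $username) === 0 ? 'username_taken' : 'email_taken';
    }

    // Salted, slow hash instead of md5(); check logins with password_verify().
    $hash = password_hash($password, PASSWORD_DEFAULT);

    // bind_param() takes variables by reference, so copy the fields first.
    // Values are stored as submitted; apply htmlspecialchars() when printing them.
    $gender   = $post['gender'] ?? '';
    $about    = $post['about'] ?? '';
    $facebook = $post['facebook'] ?? '';
    $twitter  = $post['twitter'] ?? '';
    $snapchat = $post['snapchat'] ?? '';
    $date     = date('Y-m-d');

    $insert = $db->prepare(
        "INSERT INTO `users` (`username`, `email`, `password`, `gender`, `avatar`, `about_user`,
                              `facebook`, `twitter`, `snapchat`, `reg_date`, `role`)
         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'user')"
    );
    // Ten placeholders, bound in the same order as the column list.
    $insert->bind_param('ssssssssss', $username, $email, $hash, $gender, $avatarPath,
                        $about, $facebook, $twitter, $snapchat, $date);
    $insert->execute();
    $insert->close();
    return 'ok';
}
```

Because the function returns a status code instead of echoing inside nested branches, the calling page can map each code to its alert message in one place.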