0

Im going to get started.

Im setting up an hwid login for my vb.net program,

To be safe, im not directly connecting to my db from the program, because if it was cracked, my db info is leaked,

so i want it running through php,

this is my current php code

<?php
$con = mysql_connect("localhost","username","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
 }

 mysql_select_db("db", $con);
$hwid
 $result = mysql_query("SELECT Name FROM hwid WHERE HWID =".$hwid. "'");

 while($row = mysql_fetch_array($result))
 {
  echo $row['Name'] . " " . $row['HWID'];
   echo "<br />";
   }

    mysql_close($con);
   ?>
`

of course, i have removed my db info, but im getting this error Parse error: syntax error, unexpected T_VARIABLE in db.php on line 10

I cant seem to find what the problem is,

what i want to do is have the program submit the hwid like this site.com/db.php?hwid=hwid here and have it echo the name in the row of the hwid submitted.

Im kinda stumped :/

Improve this question
2
  • You just have $hwid on a line, all by itself. And why do you allow SQL Injection? Commented May 13, 2012 at 1:10
  • @ta.speot.is Im not worried about sql injection right now, I havent even gotten this working, i will mess with that once I get this working. Commented May 13, 2012 at 1:13

1 Answer 1

Reset to default
2

Parse error: syntax error, unexpected T_VARIABLE in db.php on line 10

Let's take a look at the code:

1  <?php
2  $con = mysql_connect("localhost","username","password");
3  if (!$con)
4  {
5  die('Could not connect: ' . mysql_error());
6   }
7  
8   mysql_select_db("db", $con);
9  $hwid
10   $result = mysql_query("SELECT Name FROM hwid WHERE HWID =".$hwid. "'");

The 9th line is $hwid, which serves no purpose. It a minimum, I would imagine it should be $hwid;. Without the semicolon the parses will continue onto the next token (on line 10) and try to understand that. It can't, hence an error.

EDIT Taking the code from your comment

9   $hwid = $_GET['hwid'];
10  $result = mysql_query("SELECT * FROM hwid WHERE HWID ="'.$hwid'");

The 10th line is incorrect, you're mixing up ", ' and .

Try either:

$result = mysql_query("SELECT * FROM hwid WHERE HWID ='".$hwid."'");

or

$result = mysql_query("SELECT * FROM hwid WHERE HWID ='$hwid'");
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Ive Tried the above, and saw your below comment, I got rid of the error with the code you saw, but im getting a blank page..
Now you've changed your code, you've removed the concatenating . before '");.
im still getting a blank page :?
There were other mistakes in your line that I missed. See my edit.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.