i cannot seem to find the syntax error
Parse error: syntax error, unexpected T_VARIABLE on line 24

 18   $user = $_REQUEST['username'];
 19   $pass = $_REQUEST['password'];
 20   
 21   $user = mysql_real_escape_string($_REQUEST['username']);
 22   $pass = mysql_real_escape_string($_REQUEST['password']);
 23   
 24   $query = 'SELECT * FROM user, user WHERE '$user' = username AND '$pass' = password';

on line 24:
$query = 'SELECT * FROM user, user WHERE '$user' = username AND '$pass' = password';

Why user twice?

Try:

$query = "SELECT * FROM user, user WHERE username = $user and password = $pass";

Or

$query = "SELECT * FROM user, user WHERE username = " . $user ."and password = ". $pass;

The are both equivalent, just using different syntax. The first uses the "" combination that allows you to call a variable inside a string, the second - and one I prefer - keeps the string elements separate from the variables. While it is a bit more difficult to write, it is far superior - in my humble opinion - when you have to debug.

in line 24 only one user should be called. try this one

$query = "SELECT * FROM user WHERE username = $user and password = $pass";

hopes it helps

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.