0

Hi,

im having trouble i managed to create a password field and got everything working i then changed my mind and wanted to add a username field on to the login.

im getting the following error and i have tried both && and || yet none seem to work

Parse error: syntax error, unexpected T_BOOLEAN_AND, expecting ',' or ')' in cms/admin/news.php on line 5

if (isset($_POST['username'] && $_POST['password']) ) {
	
	if ($_POST['username'] == 'admin' || $_POST['password'] == 'admin') {
		$password = $_POST['username'];
		$password = md5($_POST['password']);
	}
	else {
		$username = $_POST['username'];
		$password = $_POST['password'];
	}
3
Contributors
4
Replies
5
Views
7 Years
Discussion Span
Last Post by ~Redous
1
isset($_POST['username'] && $_POST['password'])

i didn't know you can set conditional inside isset() function havent tried it yet. and other than that i spotted you lack the closing brace of your if() statement. other than that seem fine to me.

if (isset($_POST['username'] && $_POST['password']) ) {
	
	if ($_POST['username'] == 'admin' || $_POST['password'] == 'admin') {
		$password = $_POST['username'];
		$password = md5($_POST['password']);
	}
	else {
		$username = $_POST['username'];
		$password = $_POST['password'];
	}
}
0

Apologies i thought i pasted the whole code. the closing bracket is in there and im not sure if you can either i thought i would try it. im new to PHP stepping up from HTML so im following tutorials and code from other content to create a user friendly content management system(CMS)

full code below

<?php

include('../admin/top.inc');

if (isset($_POST['username']) & ($_POST['password']) ) {
	
	if ($_POST['username'] == 'admin') & ($_POST['password'] == 'admin') {
		$password = $_POST['username'];
		$password = md5($_POST['password']);
	}
	else {
		$username = $_POST['username'];
		$password = $_POST['password'];
	}
	
	if ($password == md5('charlton1')) {
		$load_columns = true;
		include('../includes/dbconnect.php');
		if(isset($_POST['insert'])) {
			$load_columns = false;
			$query = "INSERT INTO `news` (`title`, `content`, `date`) VALUES ('".$_POST['title']."', '".$_POST['content']."', NOW())";
			mysql_query($query) or die (mysql_error());
			echo 'News item inserted! - press <form action="news.php" method="POST"><input type="hidden" name="password" value="'.$password.'" /><input type="submit" value="here" /> to go back!';
		}
		if (isset($_POST['overwrite'])) {
			$load_columns = false;
			$id = $_POST['id'];
			$title = $_POST['title'];
			$content = $_POST['content'];
			if (isset($_POST['update_date'])) {
				$date = "NOW()";
			}
			else {
				$date = "'".$_POST['date']."'";
			}
			$query = "UPDATE `news` SET `title`='$title', `content`='$content', `date`=$date WHERE `id`='$id'";
			mysql_query($query) or die (mysql_error());
			echo 'News item edited! - press <form action="news.php" method="POST"><input type="hidden" name="password" value="'.$password.'" /><input type="submit" value="here" /> to go back!';
		}
		else if (isset($_POST['edit'])) {
			$edit_id = $_POST['id'];
		}
		else if (isset($_POST['delete'])) {
			$load_columns = false;
			$id = $_POST['id'];
			$query = "DELETE FROM `news` WHERE `id`='$id' LIMIT 1";
			mysql_query($query) or die (mysql_error());
			echo 'News item deleted! - press <form action="news.php" method="POST"><input type="hidden" name="password" value="'.$password.'" /><input type="submit" value="here" /> to go back!</form>';
		}
		if ($load_columns) {
?>
			
<html>
<head>
<title>News Admin Interface</title>
<style type="text/css">

<?php include('news_css.css'); ?>

</style>
</head>
<body>
<div class="column">

<h1>Edit column</h1>

<table>

<?php

$query = "SELECT `id`, `title`, `content`, UNIX_TIMESTAMP(`date`) FROM `news`";
$result = mysql_query($query) or die(mysql_error());

if (mysql_num_rows($result) == 0) {
	echo 'No news items to edit!';
}
else {
	while($row = mysql_fetch_assoc($result)) {
		echo '<tr>'."\n";
		echo '<td rowspan="2">ID: '.$row['id'].'<br />Date: '.date('dS \of F Y H:i', $row['UNIX_TIMESTAMP(`date`)']).'</td>'."\n";
		echo '<td><b>'.$row['title'].'</b></td>'."\n";
		echo '<td rowspan="2">
		<form action="news.php" method="post">
			<input type="hidden" name="edit" value="true" />
			<input type="hidden" name="id" value="'.$row['id'].'" />
			<input type="hidden" name="password" value="'.$password.'" />
			<input type="submit" value="Edit" />
			</form>
		<form action="news.php" method="post">
			<input type="hidden" name="delete" value="true" />
			<input type="hidden" name="id" value="'.$row['id'].'" />
			<input type="hidden" name="password" value="'.$password.'" />
			<input type="submit" value="Delete" />
		</form></td>'."\n";
		echo '</tr>'."\n";
		echo '<tr><td>'.$row['content'].'</td></tr>'."\n";
	}
}

?>

</table>

</div>

<div class="column">

<h1>Insert column</h1>

<form action="news.php" method="POST">

<?php
if ($edit_id) {
	$query = "SELECT `id`, `title`, `content`, UNIX_TIMESTAMP(`date`) FROM `news` WHERE `id`='$edit_id'";
	$result = mysql_query($query) or die(mysql_error());
	$row = mysql_fetch_assoc($result);
?>

<input name="title" value="<?php echo $row['title']; ?>" style="width: 95%;" /><br />
<br />
<textarea name="content" style="width: 95%; height: 400px;"><?php echo $row['content']; ?></textarea><br />
<br />
<input type="checkbox" name="update_date" /> Update date<br />
<br />
<input type="hidden" name="password" value="<?php echo $password; ?>" />
<input type="hidden" name="overwrite" value="true" />
<input type="hidden" name="id" value="<?php echo $row['id']; ?>'" />
<input type="hidden" name="date" value="<?php echo $row['UNIX_TIMESTAMP(`date`)']; ?>" />

<input type="submit" value="Edit" />

</form>

<form action="news.php" method="POST"><input type="hidden" name="password" value="<?php echo $password; ?>" /><input type="submit" value="Don't edit" /></form>

<?php
}
else {
?>
<input name="title" value="News Title" style="width: 95%;" /><br />
<br />
<textarea name="content" style="width: 95%; height: 400px;">News content</textarea><br />
<br />
<input type="hidden" name="password" value="<?php echo $password; ?>" />
<input type="hidden" name="insert" value="true" />

<input type="submit" value="Insert news" />

</form>

<?php
}
?>

</form>
</div>
</body>
</html>			
			
<?php
		}
				
	}
	else {
		echo 'Wrong password!';
	}
	
}

else {

?>

<html>
<head>
<title>Please type the admin password</title>
</head>
<body>
<form action="news.php" method="POST" style="background-color: #cccccc; margin: 200px auto; padding: 20px; text-align: center; border: 1px solid #999999; font-family: arial;">
Username: <input name="username" type="text" /><br />
Password: <input name="password" type="password" />
</form>
</body>
</html>

<?php }

?>
1

you had a misplaced parenth. this will work better

if (isset($_POST['username']) && $_POST['password'] ) {
	
	if ($_POST['username'] == 'admin' || $_POST['password'] == 'admin') {
		$password = $_POST['username'];
		$password = md5($_POST['password']);
	}
	else {
		$username = $_POST['username'];
		$password = $_POST['password'];
	}
0

cheers i fixed it :) 10/10 for service with a smile sure to come back again

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.