0

Hi, I'm modifying a login script; I added an avatar system and now I get an error: Parse error: syntax error, unexpected 'if' (T_IF), expecting function (T_FUNCTION) in /home/promanx2/public_html/include/session.php on line 455

The whole code of that page is here.

<?php
/**
 * Session.php
 * 
 * The Session class is meant to simplify the task of keeping
 * track of logged in users and also guests.
 *
 */
include("database.php");
include("mailer.php");
include("form.php");

class Session
{
   var $username;     //Username given on sign-up
   var $userid;       //Random value generated on current login
   var $userlevel;    //The level to which the user pertains
   var $time;         //Time user was last active (page loaded)
   var $logged_in;    //True if user is logged in, false otherwise
   var $userinfo = array();  //The array holding all user info
   var $url;          //The page url current being viewed
   var $referrer;     //Last recorded site page viewed
   /**
    * Note: referrer should really only be considered the actual
    * page referrer in process.php, any other time it may be
    * inaccurate.
    */

   /* Class constructor */
   function Session(){
      $this->time = time();
      $this->startSession();
   }

   /**
    * startSession - Performs all the actions necessary to 
    * initialize this session object. Tries to determine if the
    * the user has logged in already, and sets the variables 
    * accordingly. Also takes advantage of this page load to
    * update the active visitors tables.
    */
   function startSession(){
      global $database;  //The database connection
      session_start();   //Tell PHP to start the session

      /* Determine if user is logged in */
      $this->logged_in = $this->checkLogin();

      /**
       * Set guest value to users not logged in, and update
       * active guests table accordingly.
       */
      if(!$this->logged_in){
         $this->username = $_SESSION['username'] = GUEST_NAME;
         $this->userlevel = GUEST_LEVEL;
         $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);
      }
      /* Update users last active timestamp */
      else{
         $database->addActiveUser($this->username, $this->time);
      }

      /* Remove inactive visitors from database */
      $database->removeInactiveUsers();
      $database->removeInactiveGuests();

      /* Set referrer page */
      if(isset($_SESSION['url'])){
         $this->referrer = $_SESSION['url'];
      }else{
         $this->referrer = "/";
      }

      /* Set current url */
      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
   }

   /**
    * checkLogin - Checks if the user has already previously
    * logged in, and a session with the user has already been
    * established. Also checks to see if user has been remembered.
    * If so, the database is queried to make sure of the user's 
    * authenticity. Returns true if the user has logged in.
    */
   function checkLogin(){
      global $database;  //The database connection
      /* Check if user has been remembered */
      if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
         $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
         $this->userid   = $_SESSION['userid']   = $_COOKIE['cookid'];
      }

      /* Username and userid have been set and not guest */
      if(isset($_SESSION['username']) && isset($_SESSION['userid']) &&
         $_SESSION['username'] != GUEST_NAME){
         /* Confirm that username and userid are valid */
         if($database->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0){
            /* Variables are incorrect, user not logged in */
            unset($_SESSION['username']);
            unset($_SESSION['userid']);
            return false;
         }

         /* User is logged in, set class variables */
         $this->userinfo  = $database->getUserInfo($_SESSION['username']);
         $this->username  = $this->userinfo['username'];
         $this->userid    = $this->userinfo['userid'];
         $this->userlevel = $this->userinfo['userlevel'];
         return true;
      }
      /* User not logged in */
      else{
         return false;
      }
   }

   /**
    * login - The user has submitted his username and password
    * through the login form, this function checks the authenticity
    * of that information in the database and creates the session.
    * Effectively logging in the user if all goes well.
    */
   function login($subuser, $subpass, $subremember){
      global $database, $form;  //The database and form object

      /* Username error checking */
      $field = "user";  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered");
      }
      else{
         /* Check if username is not alphanumeric */
         if(!preg_match("/^([0-9a-z])*$/i", $subuser)){
            $form->setError($field, "* Username not alphanumeric");
         }
      }

      /* Password error checking */
      $field = "pass";  //Use field name for password
      if(!$subpass){
         $form->setError($field, "* Password not entered");
      }

      /* Return if form errors exist */
      if($form->num_errors > 0){
         return false;
      }

      /* Checks that username is in database and password is correct */
      $subuser = stripslashes($subuser);
      $result = $database->confirmUserPass($subuser, md5($subpass));

      /* Check error codes */
if($result == 1){
  $field = "user";
  $form->setError($field, "* Username not found");
}
else if($result == 2){
  $field = "pass";
  $form->setError($field, "* Invalid password");
}
else if($result == 3){
  $field = "user";
  $form->setError($field, "* Your account has not been activated yet");
}

      /* Return if form errors exist */
      if($form->num_errors > 0){
         return false;
      }

      /* Username and password correct, register session variables */
      $this->userinfo  = $database->getUserInfo($subuser);
      $this->username  = $_SESSION['username'] = $this->userinfo['username'];
      $this->userid    = $_SESSION['userid']   = $this->generateRandID();
      $this->userlevel = $this->userinfo['userlevel'];

      /* Insert userid into database and update active users table */
      $database->updateUserField($this->username, "userid", $this->userid);
      $database->addActiveUser($this->username, $this->time);
      $database->removeActiveGuest($_SERVER['REMOTE_ADDR']);

      /**
       * This is the cool part: the user has requested that we remember that
       * he's logged in, so we set two cookies. One to hold his username,
       * and one to hold his random value userid. It expires by the time
       * specified in constants.php. Now, next time he comes to our site, we will
       * log him in automatically, but only if he didn't log out before he left.
       */
      if($subremember){
         setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH);
         setcookie("cookid",   $this->userid,   time()+COOKIE_EXPIRE, COOKIE_PATH);
      }

      /* Login completed successfully */
      return true;
   }

   /**
    * logout - Gets called when the user wants to be logged out of the
    * website. It deletes any cookies that were stored on the users
    * computer as a result of him wanting to be remembered, and also
    * unsets session variables and demotes his user level to guest.
    */
   function logout(){
      global $database;  //The database connection
      /**
       * Delete cookies - the time must be in the past,
       * so just negate what you added when creating the
       * cookie.
       */
      if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
         setcookie("cookname", "", time()-COOKIE_EXPIRE, COOKIE_PATH);
         setcookie("cookid",   "", time()-COOKIE_EXPIRE, COOKIE_PATH);
      }

      /* Unset PHP session variables */
      unset($_SESSION['username']);
      unset($_SESSION['userid']);

      /* Reflect fact that user has logged out */
      $this->logged_in = false;

      /**
       * Remove from active users table and add to
       * active guests tables.
       */
      $database->removeActiveUser($this->username);
      $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);

      /* Set user level to guest */
      $this->username  = GUEST_NAME;
      $this->userlevel = GUEST_LEVEL;
   }

   /**
    * register - Gets called when the user has just submitted the
    * registration form. Determines if there were any errors with
    * the entry fields, if so, it records the errors and returns
    * 1. If no errors were found, it registers the new user and
    * returns 0. Returns 2 if registration failed.
    */
   function register($subuser, $subpass, $subemail){
      global $database, $form, $mailer;  //The database, form and mailer object

      /* Username error checking */
      $field = "user";  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered");
      }
      else{
         /* Spruce up username, check length */
         $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5){
            $form->setError($field, "* Username below 5 characters");
         }
         else if(strlen($subuser) > 30){
            $form->setError($field, "* Username above 30 characters");
         }
         /* Check if username is not alphanumeric */
         else if(!preg_match("/^([0-9a-z])+$/i", $subuser)){
            $form->setError($field, "* Username not alphanumeric");
         }
         /* Check if username is reserved */
         else if(strcasecmp($subuser, GUEST_NAME) == 0){
            $form->setError($field, "* Username reserved word");
         }
         /* Check if username is already in use */
         else if($database->usernameTaken($subuser)){
            $form->setError($field, "* Username already in use");
         }
         /* Check if username is banned */
         else if($database->usernameBanned($subuser)){
            $form->setError($field, "* Username banned");
         }
      }

      /* Password error checking */
      $field = "pass";  //Use field name for password
      if(!$subpass){
         $form->setError($field, "* Password not entered");
      }
      else{
         /* Spruce up password and check length*/
         $subpass = stripslashes($subpass);
         if(strlen($subpass) < 4){
            $form->setError($field, "* Password too short");
         }
         /* Check if password is not alphanumeric */
         else if(!preg_match("/^([0-9a-z])+$/i", ($subpass = trim($subpass)))){
            $form->setError($field, "* Password not alphanumeric");
         }
         /**
          * Note: I trimmed the password only after I checked the length
          * because if you fill the password field up with spaces
          * it looks like a lot more characters than 4, so it looks
          * kind of stupid to report "password too short".
          */
      }

      /* Email error checking */
      $field = "email";  //Use field name for email
      if(!$subemail || strlen($subemail = trim($subemail)) == 0){
         $form->setError($field, "* Email not entered");
      }
      else{
         /* Check if valid email address */
         $regex = "/^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                 ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                 ."\.([a-z]{2,}){1}$/i";
         if(!preg_match($regex,$subemail)){
            $form->setError($field, "* Email invalid");
         }
         $subemail = stripslashes($subemail);
      }

      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         return 1;  //Errors with form
      }
      /* No errors, add the new account to the */
      else{
      if($database->addNewUser($subuser, md5($subpass), $subemail)){
   if(EMAIL_WELCOME){
      $mailer->sendWelcome($subuser,$subemail,$subpass);
   }
   return 0;  //New user added succesfully
}else{
   return 2;  //Registration attempt failed
}
      }
   }

   /**
    * editAccount - Attempts to edit the user's account information
    * including the password, which it first makes sure is correct
    * if entered, if so and the new password is in the right
    * format, the change is made. All other fields are changed
    * automatically.
    */
   function editAccount($subcurpass, $subnewpass, $subemail, $subavatar){
      global $database, $form;  //The database and form object
      /* New password entered */
      if($subnewpass){
         /* Current Password error checking */
         $field = "curpass";  //Use field name for current password
         if(!$subcurpass){
            $form->setError($field, "* Current Password not entered");
         }
         else{
            /* Check if password too short or is not alphanumeric */
            $subcurpass = stripslashes($subcurpass);
            if(strlen($subcurpass) < 4 ||
               !preg_match("/^([0-9a-z])+$/i", ($subcurpass = trim($subcurpass)))){
               $form->setError($field, "* Current Password incorrect");
            }
            /* Password entered is incorrect */
            if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
               $form->setError($field, "* Current Password incorrect");
            }
         }

         /* New Password error checking */
         $field = "newpass";  //Use field name for new password
         /* Spruce up password and check length*/
         $subpass = stripslashes($subnewpass);
         if(strlen($subnewpass) < 4){
            $form->setError($field, "* New Password too short");
         }
         /* Check if password is not alphanumeric */
         else if(!preg_match("/^([0-9a-z])+$/i", ($subnewpass = trim($subnewpass)))){
            $form->setError($field, "* New Password not alphanumeric");
         }
      }
      /* Change password attempted */
      else if($subcurpass){
         /* New Password error reporting */
         $field = "newpass";  //Use field name for new password
         $form->setError($field, "* New Password not entered");
      }

      /* Email error checking */
      $field = "email";  //Use field name for email
      if($subemail && strlen($subemail = trim($subemail)) > 0){
         /* Check if valid email address */
         $regex = "/^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                 ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                 ."\.([a-z]{2,}){1}$/i";
         if(!preg_match($regex,$subemail)){
            $form->setError($field, "* Email invalid");
         }
         $subemail = stripslashes($subemail);
      }

AVATAR PLUGIN

AVATAR PLUGIN

#

/* avatar plugin */




             $field = "avatar"; //Use field name for avatar
                //Check that we have a file
                if((!empty($_FILES["avatar"])) && ($_FILES['avatar']['error'] == 0)) {
                  //Check if the file is JPEG/GIF and it's size is less than 15Kb
                  $filename = basename($_FILES['avatar']['name']);
                  $ext = substr($filename, strrpos($filename, '.') + 1);
                  if (($ext == "jpg" || $ext == "JPG" || $ext == "jpeg" || $ext == "gif") && ($_FILES["avatar"]["type"] == "image/jpeg") || ($_FILES["avatar"]["type"] == "image/pjpeg") || ($_FILES["avatar"]["type"] == "image/gif") && 
                  //the size below this line states it must be smaller than 15Kb
                    ($_FILES["avatar"]["size"] < 15000)) {
                  //the line below this gives the uploaded file a random number name
                $random_digit=rand(0000,9999);



   //combine random digit to you file name to create new file name
    //use dot (.) to combile these two variables
    $newplus=$random_digit.".";
    $subavatar=$newplus.$ext;
             $subavatar = stripslashes($subavatar);

        //Determine the path to which we want to save this file
          $newname = dirname(__FILE__).'/userimg/'.$subavatar;
          //Check if the file with the same name is already exists on the server
          if (!file_exists($newname)) {
            //Attempt to move the uploaded file to it's new place
            if ((move_uploaded_file($_FILES['avatar']['tmp_name'],$newname))) {
             $database->updateUserField($this->username,"avatar",$subavatar);
            } else {
               $form->setError($field, "* Error: A problem occurred during file upload!");
            }
          } else {
               $form->setError($field, "* Error: File ".$_FILES["avatar"]["name"]." already exists");
          }
      } else {
               $form->setError($field, "* Error: Only .jpg or .gif images please.");
      }
    } else {

    }

          /* Errors exist, have user correct them */
          if($form->num_errors > 0){
             return false;  //Errors with form
          }

          /* Update password since there were no errors */
          if($subcurpass && $subnewpass){
             $database->updateUserField($this->username,"password",md5($subnewpass));
          }

          /* Change Email */
          if($subemail){
             $database->updateUserField($this->username,"email",$subemail);
          }

          /* Success! */
          return true;
       }

**

/* Change Avatar (If the user is uploading a new avatar unlink will delete their old one from the directory "userimg".)*/
          if($subavatar){
    $avadel='include/userimg/'.$this->userinfo['avatar'];
          if (empty($this->userinfo['avatar'])) {$avadel='No Avatar to delete';}
            else
          {
    unlink($avadel);
          }
             $database->updateUserField($this->username,"avatar",$subavatar);
          }**

       /**
        * isAdmin - Returns true if currently logged in user is
        * an administrator, false otherwise.
        */
       function isAdmin(){
          return ($this->userlevel == ADMIN_LEVEL ||
                  $this->username  == ADMIN_NAME);
       }

       /**
        * generateRandID - Generates a string made up of randomized
        * letters (lower and upper case) and digits and returns
        * the md5 hash of it to be used as a userid.
        */
       function generateRandID(){
          return md5($this->generateRandStr(16));
       }

       /**
        * generateRandStr - Generates a string made up of randomized
        * letters (lower and upper case) and digits, the length
        * is a specified parameter.
        */
       function generateRandStr($length){
          $randstr = "";
          for($i=0; $i<$length; $i++){
             $randnum = mt_rand(0,61);
             if($randnum < 10){
                $randstr .= chr($randnum+48);
             }else if($randnum < 36){
                $randstr .= chr($randnum+55);
             }else{
                $randstr .= chr($randnum+61);
             }
          }
          return $randstr;
       }
    };


    /**
     * Initialize session object - This must be initialized before
     * the form object because the form uses session variables,
     * which cannot be accessed unless the session has started.
     */
    $session = new Session;

    /* Initialize form object */
    $form = new Form;

    /**
        * This will get the number of new friends requests
        * sent to this user's session.
        */
          $requests = "SELECT * FROM `friends` WHERE `friend_id` = '$session->username' AND `status` = 'inActive'";
          $numFriendRequests = $database->query($requests) or die(mysql_error());
          $numFriendRequests = mysql_num_rows($numFriendRequests);

    /**
        * This will get the number of friends
        * sent to this user's session.
        */
          $friends = "SELECT * FROM `friends` WHERE `person_id` = '$session->username' AND `status` = 'Active' OR `friend_id` = '$session->username' AND `status` = 'Active'";
          $numFriends = $database->query($friends) or die(mysql_error());
          $numFriends = mysql_num_rows($numFriends);

     /**
        * This will get the number of new messages
        * sent to this user's session.
        */
          $q = "SELECT mail_id FROM mail WHERE UserTo = '$session->username' and status = 'unread'";
          $numUnreadMail = $database->query($q) or die(mysql_error());
          $numUnreadMail = mysql_num_rows($numUnreadMail);
    ?>

It only happens when I add the avatar part, I have added a heading to where the avatar parts are. I have checked line 255: /* Spruce up username, check length */

  $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5){
            $form->setError($field, "* Username below 5 characters");
         }
         else if(strlen($subuser) > 30){
            $form->setError($field, "* Username above 30 characters");
         }
         /* Check if username is not alphanumeric */
         else if(!preg_match("/^([0-9a-z])+$/i", $subuser)){
            $form->setError($field, "* Username not alphanumeric");
         }
         /* Check if username is reserved */
         else if(strcasecmp($subuser, GUEST_NAME) == 0){
            $form->setError($field, "* Username reserved word");
         }
         /* Check if username is already in use */
         else if($database->usernameTaken($subuser)){
            $form->setError($field, "* Username already in use");
         }
         /* Check if username is banned */
         else if($database->usernameBanned($subuser)){
            $form->setError($field, "* Username banned");
         }
      }
     Thats the part.

Please can someone help me with this. Thank You

2
Contributors
3
Replies
27
Views
4 Years
Discussion Span
Last Post by BadManSam
0

Please post this line from the specified file.

(T_IF), expecting function (T_FUNCTION) in /home/promanx2/public_html/include/session.php on line 455

0
/* Change Avatar (If the user is uploading a new avatar unlink will delete their old one from the directory "userimg".)*/
      if($subavatar){
$avadel='include/userimg/'.$this->userinfo['avatar'];
      if (empty($this->userinfo['avatar'])) {$avadel='No Avatar to delete';}
        else
      {
unlink($avadel);
      }
         $database->updateUserField($this->username,"avatar",$subavatar);
      }

Thats the line where the error occurs: Line 455 is

      if($subavatar){

Edited by BadManSam: Missed something out

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.