Click here to Skip to main content
15,076,130 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
hey I am doing this assignment in the wamp server but i came across this error. it is a syntx error but i am trying to see where the syntax error is i cant seem to find it at all

this is where the error originate, on this line in the code:

$sql ="SELECT * FROM uname ='"$_SESSION['users']"'";

and this is what the error says:
Parse error: syntax error, unexpected '$_SESSION' (T_VARIABLE) in C:\wamp64\www\luana\php\profile.php on line 34

What I have tried:

trying looking for the error. have been going back and forth searching to see where the error is but cant find it
Updated 22-Sep-19 16:10pm

$sql ="SELECT * FROM uname ='".$_SESSION['users']."'";

Your code is vulnerable to SQL injection.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
Parse error: syntax error, unexpected ')' in C:\wamp\www\Admin\insert.php on line 4
Richard Deeming 23-Sep-19 10:33am
If you want to ask a question, then ASK A QUESTION[^]. DO NOT post your question as a "solution" to someone else's question.

But be warned, you're going to have to provide a lot more than a random error message if you want anyone to be able to help you.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900