Click here to Skip to main content
15,672,471 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
Hi everyone! I have a problem in my code PHP, the error is when I go to login and I send the datas leave this error:

Parse error: syntax error, unexpected end of file in C:\xampp\htdocs\clinica\valire.php on line 56

And this is my Code:
  1  0) {
  2  	  $_SESSION['usuario']=$name;
  3  	  header("location:home.php");
  4    }else{
  5  	  echo"Los datos estan mal";
  6    }
  8    include ('conex.php');
 10    //Registrar
 11  $name = $_POST["name"];
 12  $apellido = $_POST["apec"];
 13  $dad = $_POST["namep"];
 14  $mom = $_POST["namem"];
 15  $tipeCI = $_POST["tipeid"];
 16  $ci = $_POST["ci"];
 17  $phone = $_POST["te"];
 18  $correo = $_POST["email"];
 19  $add = $_POST["dirre"];
 20  $day = $_POST["diana"];
 21  $gradoI = $_POST["gradoin"];
 22  $esC = $_POST["estado"];
 23  $sex = $_POST["sex"];
 24  $pass = $_POST["pass"];
 26  if(isset($_POST["butt"]))
 27  {
 28  	$sqlgrabar = "INSERT INTO usuario(name,last,nameDad,nameMom,tipoIdentificacion,identificacion,telefono,email,address
 29  	,born,rango,estadoC,sex,pass)
 30  	values ('$name','$apellido','$dad','$mom','$tipeCI','$ci','$phone','$correo','$add','$day','$gradoI','$esC',
 31  	'$sex','$pass')"; 
 34  	 $veri_correo=mysqli_query($conn,"SELECT * FROM usuario WHERE email='$correo'");
 35  	 $veri_pass=mysqli_query($conn,"SELECT * FROM usuario WHERE pass='$pass'");
 37  	  if(mysqli_num_rows($veri_correo) > 0){
 38  		  echo 'window.location="dise/errorEgistro.php";';
 40  		  exit();
 41  	  }
 43  	  if(mysqli_num_rows($veri_pass) > 0){
 44  		   echo 'window.location="dise/errorEgistro.php";';
 45  		  exit();
 46  	  }
 48  	if(mysqli_query($conn,$sqlgrabar))
 49  	{
 50  		echo " alert('Felicidades el usuario fue registrado con exito: $name'); window.location='login.php' ";
 51  	}else 
 52  	{
 53  		echo "Error: ".$sqlgrabar."<br>".mysqli_error($conn);
 54  	}
 55  }
 56  ?>


What I have tried:

I tried lilte things, but I dont why but happing
Updated 19-Nov-21 6:34am
CHill60 19-Nov-21 11:16am    
Is that all your code - there aren't 71 lines there
Should there be // in front of "Missing some things to fix"?
XEmmanuel21 19-Nov-21 11:36am    
Hello! Thank you for your answer, "Missing some things to fix" It is not in My code, it is a comment in My question, do you understand me?
Richard MacCutchan 19-Nov-21 12:06pm    
There are still only 56 lines of code, so how can we tell what is on line 71?
XEmmanuel21 19-Nov-21 12:15pm    
The line 71 is the last, sorry
Richard MacCutchan 19-Nov-21 12:40pm    
Well there are still 14 lines missing from your post, so we cannot tell whether anything is missing from the previous lines.

1 solution

That isn't your complete code: we know that becaus ethere are only 56 lines of code in there, and the error message specifically references line 71. So to be honest there isn't anything we could do to fix it if we wanted to.

But ... that looks like it was written by at least two people, and thrown together: the different indetention styles are a clue, and they also kinda point to what you problem is likely to be: some of the code is actually missing, even in your more complete version.
Start by matching up quotes, double quotes, brackets, parentheses and so forth: chances are there is one missing somewhere and the system is complaining as a reault.

But you have more important problems: Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'
Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
A perfectly valid "delete the table" command
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
Share this answer
XEmmanuel21 19-Nov-21 12:36pm    
No is the line 71 is the 56, I m sorry

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900