我从PHP编译器收到以下错误 -
Parse error: syntax error, unexpected 'else' (T_ELSE) in C:\wamp\www\project alpha\functions.php
我在下面的代码中用 - //ERROR ON THIS ELSE STATEMENT
评论了else语句。但我无法弄清楚它失败的原因。
你能看到代码有问题吗?
function login($email, $password, $mysqli) {
// Using prepared statements means that SQL injection is not possible.
if ($stmt = $mysqli - > prepare("SELECT carer_id, username, password
FROM carers
WHERE email = ?
LIMIT 1")) {
$stmt - > bind_param('s', $email); // Bind "$email" to parameter.
$stmt - > execute(); // Execute the prepared query.
$stmt - > store_result();
// get variables from db result.
$stmt - > bind_result($user_id, $username, $db_password);
$stmt - > fetch();
if ($stmt - > num_rows == 1) {
// If the user exists we check if the account is locked
// from too many login attempts
if (checkbrute($user_id, $mysqli) == true) {
// Account is locked
// Send an email to user saying their account is locked
return false;
} else {
// Check if the plain textpassword verified against hashed password in the database (not ==)
if (password_verify($password, $db_password)) {
// Password is correct!
// Get the user-agent string of the user.
$user_browser = $_SERVER['HTTP_USER_AGENT'];
// XSS protection as we might print this value
$user_id = preg_replace("/[^0-9]+/", "", $user_id);
$_SESSION['user_id'] = $user_id;
// XSS protection as we might print this value
$username = preg_replace("/[^a-zA-Z0-9_\-]+/",
"",
$username);
$_SESSION['username'] = $username;
$_SESSION['login_string'] = password_hash($db_password.$user_browser, PASSWORD_BCRYPT);
// Login successful.
return true;
} else { //ERROR ON THIS ELSE STATEMENT
// Password is not correct
// We record this attempt in the database
$now = time();
$mysqli - > query("INSERT INTO login_attempts(user_id, time)
VALUES ('$user_id', '$now')");
return false;
}
}
} else {
// No user exists.
return false;
}
}
}
答案 0 :(得分:0)
之前的else
部分未在此else
之前结束。关闭之前的else
。
.............
} else {
// Check if the plain textpassword verified against hashed password in the database (not ==)
if (password_verify($password, $db_password)) {
// Password is correct!
// Get the user-agent string of the user.
$user_browser = $_SERVER['HTTP_USER_AGENT'];
// XSS protection as we might print this value
$user_id = preg_replace("/[^0-9]+/", "", $user_id);
$_SESSION['user_id'] = $user_id;
// XSS protection as we might print this value
$username = preg_replace("/[^a-zA-Z0-9_\-]+/",
"",
$username);
$_SESSION['username'] = $username;
$_SESSION['login_string'] = password_hash($db_password . $user_browser, PASSWORD_BCRYPT);
// Login successful.
return true;
}
} else { //ERROR ON THIS ELSE STATEMENT
// Password is not correct
// We ...............