i cannot seem to find the syntax error
Parse error: syntax error, unexpected T_VARIABLE on line 24
18 $user = $_REQUEST['username'];
19 $pass = $_REQUEST['password'];
20
21 $user = mysql_real_escape_string($_REQUEST['username']);
22 $pass = mysql_real_escape_string($_REQUEST['password']);
23
24 $query = 'SELECT * FROM user, user WHERE '$user' = username AND '$pass' = password';
on line 24:
$query = 'SELECT * FROM user, user WHERE '$user' = username AND '$pass' = password';
Why user twice?
Try:
$query = "SELECT * FROM user, user WHERE username = $user and password = $pass";
Or
$query = "SELECT * FROM user, user WHERE username = " . $user ."and password = ". $pass;
The are both equivalent, just using different syntax. The first uses the "" combination that allows you to call a variable inside a string, the second - and one I prefer - keeps the string elements separate from the variables. While it is a bit more difficult to write, it is far superior - in my humble opinion - when you have to debug.
in line 24 only one user should be called. try this one
$query = "SELECT * FROM user WHERE username = $user and password = $pass";
hopes it helps
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.