Need help with elseif php8

Marcjb · May 25, 2023, 12:12pm

Hi all,

I’ve been a site for years running on my synology server. After an update it does not support php 5.x anymore. Now my website is broken and I have a look at it for days but can’t find the solution. I’m not a developer, it’s just for fun…

Can any one help me out?

I’m getting this error message at my website:

“Parse error: syntax error, unexpected token “elseif”, expecting end of file in /volume1/web/linkcontainer.php on line 22”

The specific code is (partial):

if ($username=="www") {
	$userid=1;
} else {
	$sql = mysqli_query($connection, "SELECT id, gebrnaam FROM users WHERE gebrnaam = '$username'");
	while ($res = mysqli_fetch_assoc($sql)) {
    	trigger_error (mysqli_error ());
	}
} elseif (mysqli_num_rows($res)=="") {
		header("location:aanmeld.php");
		exit; 
} else {
    	while ($row = mysqli_fetch_assoc ($res)) {
		$userid = $row['id'];
		$username = $row['gebrnaam'];
	}
}

Many thanks in advance!

WKR
Marc

phdr · May 25, 2023, 4:22pm

Any else {…} branch must be at the end of a conditional block of code. Therefore, you cannot have an elseif() right after the closing } for an else.

The posted logic doesn’t make programming sense. The first if/else is to detect if the $username == ‘www’ or not. The code inside the else {…} branch should completely handle the ‘or not’ case.

Some points about the posted code -

If you build the sql query statement in a php variable, it makes testing easier (you can echo the sql query to see what it is or to run it in a tool like phpmyadmin) and it helps prevent typo mistakes by separating the sql query syntax as much as possible from the php syntax.
Don’t put external, unknown, dynamic values directly into an sql query statement, where any sql special character can break the sql query syntax, producing an error. Instead, use a prepared query. This would be a good time to switch to the much simpler and more modern PDO extension.
Don’t use a loop to fetch data from a query that will at most match a single row of data. Just directly fetch (and test) the one row of data.
You can test if a query matched any data by just testing if the fetched data is true or false. BTW - while testing if _num_rows() is loosely equal to an empty string will ‘work’, _num_rows() returns an integer, which you should either test as a boolean value or compare to a number, and it doesn’t work properly if a buffered query was used if you haven’t fetched all the data from the query, so, you might as well just fetch and test the fetched data, which will always produce the correct result.
mysqli_error() requires the connection as a parameter. Aside from the posted code not making sense, it it did execute that line of code inside that loop, it would produce a fatal php error.
In php8+, both mysqli and PDO statements that interact with the database server use exceptions for errors. i.e. any existing error handling logic you have in your code won’t ever be executed upon an error because execution transfers to the nearest correct type of exception handler, or to php if there is no exception handler in your code.
The only database statement errors you should handle in your code are for user recoverable errors, such as when inserting/updating duplicate or out of range user submitted data. For all other database statement errors, just let php handle them.
It is not clear what this code is part of, but the only redirect you should have in your code should be upon successful completion of post method form processing, and that redirect should be to the exact same page that the form processing code is part of.
If this SELECT query doesn’t match any data, this is a user error. You should setup a helpful error message and display it on the current page.
Don’t copy variables to other variables for nothing. This is just a waste of your typing time. Just use the original variables that data is in.