jjacquay712 Posted August 29, 2008 Share Posted August 29, 2008 I have a script that lets you log in to my web site, but if they enter a wrong username and password an sql error comes up here is the error:Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /home/johnj/public_html/program/function.php on line 9 Warning: mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 3 in /home/johnj/public_html/program/function.php on line 37 <?php //Connect $con = mysql_connect("localhost", "johnj_admin", "*******") or die(mysql_error()); mysql_select_db("johnj_program", $con) or die(mysql_error()); //End Connect $resource = mysql_query("SELECT * FROM users WHERE username='{$_POST['username']}'"); $username = mysql_result($resource, 0, 'username'); if ($username == $_POST['username']) { echo "Username Found<br />"; //username found $resource2 = mysql_query("SELECT * FROM users WHERE username='{$_POST['username']}'"); $password = mysql_result($resource, 0, 'password'); if ($password == $_POST['password']) { echo "Correct Password<br /><br />"; //Correct Password $resource3 = mysql_query("SELECT content FROM content WHERE username = '{$_POST['username']}' LIMIT 0 , 30 "); $content = mysql_result($resource3, 0, 'content'); echo $content; //End Correct Password } else { echo "Bad Password"; } //username end } else { } ?> Is there anyway to get rid of that error? Link to comment https://forums.phpfreaks.com/topic/121853-solved-get-rid-of-those-dang-sql-errors-please-help/ Share on other sites More sharing options...
Wolphie Posted August 29, 2008 Share Posted August 29, 2008 I think you're going about this the wrong way. I would use this: // Database connection statements... $password = mysql_real_escape_string($_POST['password']); /** * Always use mysql_real_escape_string() on user inputted data. I would also perform extra security checks. Such as username length, and * check for HTML elements and escape them with htmlentities(); */ $username = mysql_real_escape_string($_POST['username']); // sha1($password) depending on which encryption function you used when the user signed up. $check = sprintf("SELECT `id`, `username`, `password` FROM `dbname` . `users` WHERE `username` = '%s' AND `password` = '%s' LIMIT 1", $username, sha1($password)); $result = mysql_query($check); if (mysql_num_rows($check) > 0) { // Log in valid... } else { // Log in failed... } Link to comment https://forums.phpfreaks.com/topic/121853-solved-get-rid-of-those-dang-sql-errors-please-help/#findComment-628664 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.