avatar.alex Posted October 3, 2008 Share Posted October 3, 2008 I got this software up and running it just is having one problem. Whenever I log in I get this: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 15 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 23 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 33 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 37 I go to protect.php: (I looked at the code and everything seems correct) <?php session_start (); // --------------------------------THE VARIABLES---------------------------------- // @include ("config.php"); // ----------------------------------THE CODE ------------------------------------ // function clearance ($user_value, $pass_value, $level_value, $userlevel_value, $table_value, $column1, $column2, $path) { // Function to see if user can login $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$pass_value'"); // Query to see if user exists $verify = mysql_num_rows ($check); if ($verify == 0) { // Check if passwords are hashed with MD5 $md5 = md5 ($pass_value); $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$md5'"); // Query to see if user exists $verify = mysql_num_rows ($check); } if ($verify == 0) { // Check if passwords are hashed with SHA1 $sha1 = sha1 ($pass_value); $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$sha1'"); // Query to see if user exists $verify = mysql_num_rows ($check); } $get = mysql_fetch_array ($check); if (count ($level_value) != 0) { // If the allow array contains userlevels if (in_array ($get[$userlevel_value], $level_value) && $verify > 0) { // Search allow to see if userlevels match $_SESSION['username'] = $user_value; // Register sessions $_SESSION['password'] = sha1 ($pass_value); // sha1 password for extra security $_SESSION['userlevel'] = $get[$userlevel_value]; } } else { if ($verify == 0) { // If attempt fails then redirect to login page $_SESSION = array(); $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; } if ($verify > 0) { // If attempt is good then register the user $_SESSION['username'] = $user_value; $_SESSION['password'] = sha1 ($pass_value); } } } function protect ($level_value, $password_value, $userlevel_value, $table_value, $column1, $path) { // Function to keep pages secure if (!isset ($_SESSION['username'])) { // If session doesn't exist then get user to login if (isset ($_POST['username']) && isset ($_POST['password'])) { $error = "Sorry but your login details were incorrect"; } $_SESSION = array(); @include ("login.php"); exit; } else { // If user is logged in check to see if session is valid and that they have the required userlevel $check = mysql_query ("SELECT $password_value, $userlevel_value FROM $table_value WHERE $column1='$_SESSION[username]'"); // Query to see if user exists $verify = mysql_num_rows ($check); $get = mysql_fetch_array ($check); if ($verify == 0) { $_SESSION = array(); $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; } if ($verify > 0 && count ($level_value) != 0) { if (!in_array ($get[$userlevel_value], $level_value)) { // Check to see if the users userlevel allows them to view the page $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; // Ensure no other data is sent } } } } if (isset ($_POST['username']) && isset ($_POST['password'])) { // If user submits login information then validate it clearance ($_POST['username'], $_POST['password'], $allow, $userlevel, $table, $username, $password, $path); } protect ($allow, $password, $userlevel, $table, $username, $path); mysql_close ($link); // Close the database connection for security reasons // -----------------------------------THE END ------------------------------------ // ?> Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/ Share on other sites More sharing options...
revraz Posted October 3, 2008 Share Posted October 3, 2008 Looks like your query is failing. Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656305 Share on other sites More sharing options...
avatar.alex Posted October 3, 2008 Author Share Posted October 3, 2008 Looks like your query is failing. What would I look up to fix it? Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656438 Share on other sites More sharing options...
CroNiX Posted October 3, 2008 Share Posted October 3, 2008 add or die() to each query statement like: <?php $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$pass_value'") or die(mysql_error()); // Query to see if user exists That will show you the mysql errors if there are any... I also don't see where you are connecting to the database unless it's in config.php, if you're not connected that could also cause those errors. Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656523 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.