avatar.alex Posted October 3, 2008 Share Posted October 3, 2008 I got this software up and running it just is having one problem. Whenever I log in I get this: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 15 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 23 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 33 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/www/twilightfor.freehostia.com/x/examples/protect.php on line 37 I go to protect.php: (I looked at the code and everything seems correct) <?php session_start (); // --------------------------------THE VARIABLES---------------------------------- // @include ("config.php"); // ----------------------------------THE CODE ------------------------------------ // function clearance ($user_value, $pass_value, $level_value, $userlevel_value, $table_value, $column1, $column2, $path) { // Function to see if user can login $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$pass_value'"); // Query to see if user exists $verify = mysql_num_rows ($check); if ($verify == 0) { // Check if passwords are hashed with MD5 $md5 = md5 ($pass_value); $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$md5'"); // Query to see if user exists $verify = mysql_num_rows ($check); } if ($verify == 0) { // Check if passwords are hashed with SHA1 $sha1 = sha1 ($pass_value); $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$sha1'"); // Query to see if user exists $verify = mysql_num_rows ($check); } $get = mysql_fetch_array ($check); if (count ($level_value) != 0) { // If the allow array contains userlevels if (in_array ($get[$userlevel_value], $level_value) && $verify > 0) { // Search allow to see if userlevels match $_SESSION['username'] = $user_value; // Register sessions $_SESSION['password'] = sha1 ($pass_value); // sha1 password for extra security $_SESSION['userlevel'] = $get[$userlevel_value]; } } else { if ($verify == 0) { // If attempt fails then redirect to login page $_SESSION = array(); $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; } if ($verify > 0) { // If attempt is good then register the user $_SESSION['username'] = $user_value; $_SESSION['password'] = sha1 ($pass_value); } } } function protect ($level_value, $password_value, $userlevel_value, $table_value, $column1, $path) { // Function to keep pages secure if (!isset ($_SESSION['username'])) { // If session doesn't exist then get user to login if (isset ($_POST['username']) && isset ($_POST['password'])) { $error = "Sorry but your login details were incorrect"; } $_SESSION = array(); @include ("login.php"); exit; } else { // If user is logged in check to see if session is valid and that they have the required userlevel $check = mysql_query ("SELECT $password_value, $userlevel_value FROM $table_value WHERE $column1='$_SESSION[username]'"); // Query to see if user exists $verify = mysql_num_rows ($check); $get = mysql_fetch_array ($check); if ($verify == 0) { $_SESSION = array(); $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; } if ($verify > 0 && count ($level_value) != 0) { if (!in_array ($get[$userlevel_value], $level_value)) { // Check to see if the users userlevel allows them to view the page $error = "Sorry but your login details were incorrect"; @include ("login.php"); exit; // Ensure no other data is sent } } } } if (isset ($_POST['username']) && isset ($_POST['password'])) { // If user submits login information then validate it clearance ($_POST['username'], $_POST['password'], $allow, $userlevel, $table, $username, $password, $path); } protect ($allow, $password, $userlevel, $table, $username, $path); mysql_close ($link); // Close the database connection for security reasons // -----------------------------------THE END ------------------------------------ // ?> Quote Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/ Share on other sites More sharing options...
revraz Posted October 3, 2008 Share Posted October 3, 2008 Looks like your query is failing. Quote Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656305 Share on other sites More sharing options...
avatar.alex Posted October 3, 2008 Author Share Posted October 3, 2008 Looks like your query is failing. What would I look up to fix it? Quote Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656438 Share on other sites More sharing options...
CroNiX Posted October 3, 2008 Share Posted October 3, 2008 add or die() to each query statement like: <?php $check = mysql_query ("SELECT $userlevel_value FROM $table_value WHERE username='$user_value' AND password='$pass_value'") or die(mysql_error()); // Query to see if user exists That will show you the mysql errors if there are any... I also don't see where you are connecting to the database unless it's in config.php, if you're not connected that could also cause those errors. Quote Link to comment https://forums.phpfreaks.com/topic/126841-solved-processing-login-info/#findComment-656523 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.