fr34k2oo4 Posted March 4, 2009 Share Posted March 4, 2009 I'm using the following code: <?php $cfg['host'] = "localhost"; $cfg['user'] = "hvjih_admin"; $cfg['pass'] = "123admin"; $cfg['database'] = "hvjih"; $cfg['usersTable'] = "authUsers"; $cfg['onSuccess'] = "./login.welcome.php"; $cfg['onCancel'] = "./error.php"; mysql_connect($cfg['host'],$cfg['user'],$cfg['pass']); mysql_select_db($cfg['database']); // process the login request if($_POST['action'] == "login") { // check to see if the user field or pass field is empty. if so set message. if(empty($_POST['user']) || empty($_POST['pass'])) { // user or pass was empty. set the message text $message = "You must enter a valid username and password!"; } else { // query the users table $query = mysql_query("SELECT * FROM ".$cfg['usersTable']."WHERE username='".$_POST['user']."' AND password='".$_POST['pass']."'"); // did the query return a user if(mysql_num_rows($query) == 1) { // set the session variables with the user data while($row = mysql_fetch_assoc($query)) { $_SESSION['auth']['ID'] = $row['ID']; $_SESSION['auth']['timestamp'] = $row['timestamp']; $_SESSION['auth']['fullName'] = $row['fullName']; $_SESSION['auth']['username'] = $row['username']; $_SESSION['auth']['password'] = $row['password']; $_SESSION['auth']['email'] = $row['email']; $_SESSION['auth']['isSuperUser'] = $row['isSuperUser']; $_SESSION['auth']['status'] = 1; } // login was successfull. redirect to the onSuccess location header("Location: ".$cfg['onSuccess']); } else { // user did not exist. set the message text $message = "<B>User does not exist.</B><br>Check your username and password."; } // do this if the logout command is set (action=logout) } } elseif($_GET['action'] == "logout") { // unset the authentication session variable unset($_SESSION['auth']); // redirect to the onCancel location header("Location: ".$cfg['onCancel']); } // check to see if a user is loged in if($_SESSION['auth']['status'] != 1) { // user is not loged in so show the login form ?> <form method='post' action='<?php echo $_SERVER['PHP_SELF']; ?>'> <input type=hidden name='action' value='login'> <table style='width:100%;'> <tr> <td style='text-align:center;'> <table width='250' style='background-color:#EEEEEE; border: 1px solid #CCCCCC;'> <?php if(isset($message)) { echo "<tr><td colspan=2 style='border: 1px solid #CCCCCC; background-color:#FFFFCC; text-align:center; vertical-align:bottom; font: normal 10pt Arial;'>".$message."</td></tr>"; } ?> <tr> <td colspan=2 align=center style='font: bold 12pt Arial; border:1px solid #CCCCCC; background-color:#FFFFFF;'>Login</td> </tr> <tr> <td width='100' style='font:bold 10pt Arial; padding: 5px;'>Username:</td> <td width='150' style='font:bold 10pt Arial; padding: 5px;'><input type='text' name='user' value='<?php echo $_POST['user']; ?>' style='font: normal 8pt Arial; width:100%; border:1px solid #CCCCCC;'><td> </tr> <tr> <td width='100' style='font:bold 10pt Arial; padding: 5px;'>Password:</td> <td width='150' style='font:bold 10pt Arial; padding: 5px;'><input type='password' name='pass' style='font: normal 8pt Arial; width:100%; border:1px solid #CCCCCC;'><td> </tr> <tr> <td colspan=2 align=center style='font:bold 10pt Arial; padding: 2px; background-color:#FFFFFF; border: 1px solid #CCCCCC;'> <input type='submit' value='Login' name="submit" style='font: normal 8pt Arial; border: 1px solid #CCCCCC; background-color:#EEEEEE;'> <input type='button' value='Annuleer' onClick="window.location='<?php echo $cfg['onCancel']; ?>';" style='font: normal 8pt Arial; border: 1px solid #CCCCCC; background-color:#EEEEEE;'> </td> </tr> </table> </td> </tr> </table> </form> <?php // exit the script. don't show anything below this point exit; } ?> When I try to login it returns the following error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in [...] on line 28 Line 28 is: if(mysql_num_rows($query) == 1) can someone help me? Link to comment https://forums.phpfreaks.com/topic/147907-solved-login-failure-due-to-a-mysql-error/ Share on other sites More sharing options...
Mchl Posted March 4, 2009 Share Posted March 4, 2009 Your query is failing Change $query = mysql_query("SELECT * FROM ".$cfg['usersTable']."WHERE username='".$_POST['user']."' AND password='".$_POST['pass']."'"); to $sql = "SELECT * FROM ".$cfg['usersTable']."WHERE username='".$_POST['user']."' AND password='".$_POST['pass']."'"; $query = mysql_query($sql) or die(mysql_error().": $sql"); Link to comment https://forums.phpfreaks.com/topic/147907-solved-login-failure-due-to-a-mysql-error/#findComment-776278 Share on other sites More sharing options...
fr34k2oo4 Posted March 4, 2009 Author Share Posted March 4, 2009 When I change it this is the ouput: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '='test' AND password='123test'' at line 1: SELECT * FROM authUsersWHERE username='test' AND password='123test' so it still doesn't work. any suggestions? php version: 5.2.4 mySQL version: 4.1.15 Fixed it, there was no space between ...sersTable']." and WHERE u.... thanks for the help Link to comment https://forums.phpfreaks.com/topic/147907-solved-login-failure-due-to-a-mysql-error/#findComment-776299 Share on other sites More sharing options...
PFMaBiSmAd Posted March 4, 2009 Share Posted March 4, 2009 authUsersWHERE You need a space before the WHERE so that the WHERE can be found in the query. Link to comment https://forums.phpfreaks.com/topic/147907-solved-login-failure-due-to-a-mysql-error/#findComment-776304 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.