Warning: mysql_num_rows(): supplied argument is not a valid MySQL resource

[TGWSE_GY]

Okay I get this warning Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/.deceasing/thegayestever/www.hmtotc.com/private/george/UMS/sys/activity/activity.php on line 13 when this script runs

 

the user enters his user name and password in form.html

<form method="post" action="auth.php">
<p>Username: <input type="text" name="formUsr" /></p>
<p>Password: <input type="text" name="formPass" /></p>
<a><input type="submit" /></a>
</form>

 

then it loads auth.php

<?php

/*
  @author George Young
  @copyright 2008
  This script is ment for a high security login system using advance algorythmic verification.
 */

// Call database connection info
include('../sys/config.php');

// Setting variable $con to hold the login information for the mysql server
$con = mysql_connect($Host, $Login, $Pass);

// Connects and selects the Table for authentication
mysql_select_db("login_ums", $con);

// Holding form username and password in variables for processing
$varUsr = $_POST['formUsr'];
$varPass = $_POST['formPass'];

// Store encrypted key "password" in variable
$tmp = sha1($varPass);

// Set encrypted password to a variable to hold for the remainder of the script         ------ May not need due to $tmp variable already holding the pass
$varPass = $tmp;

$testAcct = mysql_query("SELECT * FROM `login` WHERE Pass = '$tmp'");
If (mysql_num_rows($testAcct)){
	include('setstatus.php');
	include('../sys/activity/activity.php');
	include('../members/memberhome.php');
	mysql_close($con);
} else {
	include('AccessDenied.php');
}

?>

 

it processes setstatus.php just fine but when it gets to activity.php is when i get the MYSQL WARNING

 

<?php

 

$con = mysql_connect($Host, $Login, $Pass);

 

$Date = date('m-d-y');

$Start = date('H:i:s');

$IP = $_SERVER['Remote_ADDR'];

 

 

mysql_select_db("login_ums", $con);

$testActive = mysql_query("SELECT * FROM 'ActiveUsers' WHERE Usr = '$varUsr'");

 

if (mysql_num_rows($testActive)) { <------------ This is the line giving the error!

include('suspect.php');

die('That user is already logged in, please try again or contact the webmaster');

} else {

$cID = mysql_query("SELECT CustID FROM 'Login' WHERE Usr = '$varUser'");

mysql_query("INSERT INTO 'ActiveUsers' ( CustID,Usr,Date,Start,End,IP ) VALUES ('$cID', $varUsr',

'$Date', '$Start', '', '$IP')");

mysql_close($con);

include('set_cookie.php');

}

?>

 

I have poured over this for two days and cannot find the problem, any help would be greatly appreciated.

I did not include my config.php code because I know it is working fine, and for security purposes.

 

Thanks

[Yesideez]

Which line exactly is 13?

[Maq]

Which line exactly is 13?

 

Probably the line that has "

 

Your query is probably failing change this line to:

 

$testActive = mysql_query("SELECT * FROM 'ActiveUsers' WHERE Usr = '$varUsr'") or die(mysql_error());

[TGWSE_GY]

Okay I changed that line of code and now it is giving me this error.

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''ActiveUsers' WHERE Usr = 'Admin'' at line 1

 

 

I know it is on the same line because I am logging in with the Admin account. The MYSQL Version on my host is 5.0.67

 

and yes the line with <------------ This is the where there error is, is line 13.

 

Thanks

[Maq]

You don't need single quotes around the table:

 

$testActive = mysql_query("SELECT * FROM ActiveUsers WHERE Usr = '$varUsr'") or die(mysql_error());