Extending my login

[zimmo]

I have a login script that is great and I want to expand on this but not sure where to place my new code I have written, I have placed it where I thought but keep getting errors for else and others when attempting to add this.

 

The code I am adding is not complete and will change, but I want to learn where I should be placing this within this code, it will stand me in good stead learning this as well. I thought by placing it after the if ($num_rows > 0) { section and it would perform the else request and execute my new code, but I get syntax and } kind of errors.

 

Here is the original code

<?php 
// Include the connections script to make a database connection.
include("inc/connect.php");

$username = "";
$password = "";
$errorMessage = "";

function quote_smart($value, $handle) {

   if (get_magic_quotes_gpc()) {
       $value = stripslashes($value);
   }

   if (!is_numeric($value)) {
       $value = "'" . mysql_real_escape_string($value, $handle) . "'";
   }
   return $value;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$username = $_POST['username'];
$password = $_POST['password'];

$username = htmlspecialchars($username);
$password = htmlspecialchars($password);


$db_found = mysql_select_db($db, $connection);

if ($db_found) {

	$username = quote_smart($username, $connection);
	$password = quote_smart($password, $connection);

	$SQL = "SELECT * FROM taablea WHERE username = $username AND password = '".md5($_POST['password'])."'";
	$result = mysql_query($SQL);
	$num_rows = mysql_num_rows($result);


	if ($result) {
		if ($num_rows > 0) {
			session_start();
			$_SESSION['username'] = "$_POST[username]";
			header ("Location: index.html");
		}

		else {
		$errorMessage = "Please check your username and/or password is correct";
		}	
	}
	else {
		$errorMessage = "Please check your username and/or password is correct";
	}

mysql_close($connection);

}

else {
	$errorMessage = "Please check your username and/or password is correct";
}

}
?>

 

This is my additional code that I am trying to get working so I can write it better.

 

/* New Block*/

		else {
			session_start();
			$_SESSION['attempts'] = "+1";

			# setup SQL statement
			$SQL = " INSERT INTO tablebtemp ";
			$SQL = $SQL . " (sid, username, password, attempts, ipaddress) VALUES ";
			$SQL = $SQL . " ('$sid', '$username', '$password', '$attempts', '$_SERVER[REMOTE_ADDR]') ";

			#execute SQL statement
			$result = mysql_db_query( *****,"$SQL",$connection );

			# check for error
			if (!$result) { 
			echo("ERROR: " . mysql_error() . "\n$SQL\n");  
			} 
				else {
						# setup SQL statement 2
						$SQL = "SELECT * FROM tablebtemp WHERE sid = $sid";
						$result = mysql_query($SQL);

							if (mysql_num_rows($result) ==0) {
										$errorMessage = "Please check your username and/or password is correct";
							}
							else (mysql_num_rows($result) ==3) {
										$errorMessage = "You are blocked, please contact us to get unblocked.";
				}
/* END */

 

[zimmo]

Could some one possibly assist with getting this code in the right place? I have tried a few things, but unsure as to why its not working. I thought the else statement could be replaced with my new code and it would execute that, but it fails on the else statement below.