Script doesnt work

[Drezard]

Hello, I need some help with this script. I have been working on it for a few hours and cant get the output i wanted.

I keep getting this error:
[QUOTE]
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Program Files\xampp\htdocs\login_form.php on line 30
[/QUOTE]

Heres the script:
[CODE]
<?php
// initialize a session
session_start();
?>
<html>
<head></head>
<body>

<?php
if (!isset($_SESSION['login']) && !isset($_POST['user'])) {
    // if no data, print the form
?>
    <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
      Username:<input type="text" name="user"><br>
  Password:<input type="text" name="pass"><br>
        <input type="submit" name="submit">
    </form>
<?php
}
else if (!isset($_SESSION['login'])) {

include('connect.php');
    // if a session does not exist but the form has been submitted
    // check to see if the form has all required values
    // create a new session
$user = empty($_POST['user']) ? die ("Please Enter A Username") : mysql_escape_string($_POST['user']);
$pass = empty($_POST['pass']) ? die ("Please Enter A Password") : mysql_escape_string($_POST['pass']);
$sql = "SELECT * FROM users WHERE user='$user' && WHERE pass='$pass'";
$result = mysql_query($sql);
$count=mysql_num_rows($result);

if($count==1){

echo "Login Complete";

}

if ($count == 0) {

echo "Username or password are incorrect";

}

}
?>
</body>
</html>
[/CODE]

Thanks, Daniel

[logu]

hai
  the error is in your qurey

"SELECT * FROM users WHERE user='$user' && WHERE pass='$pass'

there are 2 where's in the query

it should be

"SELECT * FROM users WHERE user='$user' &&  pass='$pass'"

[HuggieBear]

[quote]
It should be... "SELECT * FROM users WHERE user='$user' &&  pass='$pass'";
[/quote]

I think it's preferable to use AND when dealing with strings isn't it?... "SELECT * FROM users WHERE user='$user' [b]AND[/b] pass='$pass'";

Regards
Huggie