What I am doing Wrong? mysql error

[princeofpersia]

Hi guys

 

I am doinga login form for an organization, this form has email, password and pin

 

If user fills all the fields it will execute the query fine but if user doesnt enter the pin it will come up with an error, the issue is that this pin is not included anywhere in mysql_query I have. Query tries to get the company id from db and echo it out,

 

so if I dont enter the pin I get the error I have echoes out and another system error which is

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in ..../Dashboard/index.php on line 35

 

and my line 35 is

 

while($row=mysql_fetch_array($getpin)){

 

here is my code

 

<?php include ('includes/db/db.php'); ?>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml"> 

<head> 
<meta http-equiv="Content-type" content="text/html; charset=utf-8" /> 
<title>Login | Careers Inbox Dashboard Admin</title> 

<link rel="stylesheet" href="./css/reset.css" type="text/css" media="screen" title="no title" />
<link rel="stylesheet" href="./css/text.css" type="text/css" media="screen" title="no title" />
<link rel="stylesheet" href="./css/form.css" type="text/css" media="screen" title="no title" />
<link rel="stylesheet" href="./css/buttons.css" type="text/css" media="screen" title="no title" />
<link rel="stylesheet" href="./css/login.css" type="text/css" media="screen" title="no title" />

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head> 

<body> 

<div id="login">
  <h1>Dashboard</h1>
<?php 
if (isset($_POST['login']) && $_POST['login']){

$email=addslashes(strip_tags($_POST['email']));
$in_password=addslashes(strip_tags($_POST['password']));
$pin=addslashes(strip_tags($_POST['pin']));

$password=md5($in_password);

if (!$email || !$in_password || !$pin)  echo "<div class='error'>Please fill all required fields</div>";
else
$getpin=mysql_query("SELECT * FROM users WHERE UserEmail='$email' AND UserPassword='$password'");
while($row=mysql_fetch_array($getpin)){
$pin_email=$row['UserEmail '];
$pin_id=$row['UserId'];
$pin_company_id=$row['company_id'];
}
echo "$pin_company_id";

}



?>
  
<div id="login_panel">
<form action="" method="post" accept-charset="utf-8" />		
		<div class="login_fields">
			<div class="field">
				<label for="email">Email</label>
				<input type="text" name="email" value="" id="email" tabindex="1" placeholder="[email protected]" />		
			</div>

			<div class="field">
				<label for="password">Password <small><a href="forgotpassword.php">Forgot Password?</a></small></label>
				<input type="password" name="password" value="" id="password" tabindex="2" placeholder="password" />
                  <div class="field">
                    	<label for="pin">Pin Number</small></label><input type="password" name="pin" value="" id="password" tabindex="2" placeholder="pin"/>			
                  </div>
		  </div>
		</div> <!-- .login_fields -->

		<div class="login_actions">
            <input type="submit" name="login" value="Login" class="btn btn-grey"/>

		</div>
	</form>
</div> <!-- #login_panel -->		
</div> <!-- #login -->

</body> 

</html>

 

thank you in advance.

[fugix]

seems like your else statement is not getting triggered..therefore your mysql_fetch_array() function is trying to use an empty var

[princeofpersia]

so what do u think i should do?

[princeofpersia]

found the solution, I have brackets for my else statement now, thanks for you time