Jump to content

Recommended Posts

Hi,

 

I'm trying to create a login script for a website, but I'm having a problem with a row counter and header modifying. The error I get is :

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/lincncou/public_html/admin/checklogin.php on line 19

 

Warning: Cannot modify header information - headers already sent by (output started at /home/lincncou/public_html/admin/checklogin.php:19) in /home/lincncou/public_html/admin/checklogin.php on line 30

 

Here is line 19:

 

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

 

And here is line 30:

else {
header("location:index.html");
}

 

Is the count problem a problem with the initial sql query or with the count function?

 

Here is the full page or code:

 

<?php
require_once("includes/db.php");
$tbl_name="users"; // Table name

// username and password sent from form 
$username=$_POST['username']; 
$password=$_POST['password'];

// To protect MySQL injection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

//To select the users from the table
$result = mysql_query("SELECT * FROM $tbl_name WHERE username='$username' and password='$password'");

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $username, $password and redirect to file "calendar.php"
session_register("username");
session_register("password"); 
header("location:calendar.php");
}
else {

//Else redirect back to login screen
header("location:index.html");
}
?>

 

Link to comment
https://forums.phpfreaks.com/topic/241782-php-login-script-problems/
Share on other sites

Hi,

 

This indicates a problem with your SQL statement where you run your SELECT statement.

 

The mysql_num_rows commandon line 19 is failing due to an error with the SELECT statement and sending an output to the browser, thus creting the further error when you try to send the header on line 30.

 

Check your table name, is this correct?

 

Try just running the SQL statement on your command line to ensure that it is working and hardcode your username and password in rather than using variables.  Eventually you'll find the error and be able to correct it.

I ran the following code:

$result = mysql_query("SELECT * FROM users WHERE user_email = '$username' AND user_password = '$password'")  or die ('Error: '.mysql_error ());

 

This showed me I was making a typical rookie error of a typo in my column name, but when corrected it still wouldn't work, as it redirected me back to the index page when I had entered the correct login details. I managed to fix it by changing:

// username and password sent from form 
$username = $_POST['username']; 
$password = $_POST['password'];

To:

// username and password sent from form 
$username = $_GET['username']; 
$password = $_GET['password'];

 

I have no idea why this worked, but surely this is less secure as someone can see the URL if they are using a slow connection and someone looks at their screen?

 

If it helps, the submission form is:

<form id="contact" action="checklogin.php" method="get" name="login">
      <p>
            <label><span><strong>USERNAME:</strong></span>
              <input name="username" type="text" id="name" />
            </label>
        <label><span><strong>PASSWORD:</strong></span>
              <input name="password" type="password" />
        </label>
          </p>
      <p><a class="bulk" href="javascript:document.login.submit();">CLICK HERE TO LOG IN</a></p>
      <p> </p>
</form>

the reason why

$username = $_POST['username']; 
$password = $_POST['password'];

are not working is because you have set your form method to GET instead of POST.

In order to call the input values using $_POST you will need to change your form method to POST.

 

Also, the use of session_register is deprecated, the preferred method is $_SESSION

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.