mysql killing it

[aznjay]

$check = $db_object->query("SELECT * FROM users WHERE username = '".$_POST['uname']."'");
is there something wron with the code i'm getting this error

"Fatal error: Call to a member function query() on a non-object in /home/aznjay/public_html/azn/login.php on line 35" and that is line 35

[aznjay]

can anyone diagnose this!!! please please please
[code]
<?php

// database connect script.

require 'db.php';

if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');

}


?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php

if (isset($_POST['submit'])) { // if form has been submitted


/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}

// authenticate.

if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}

$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['uname']."'");
if (DB::isError($check) || $check->numRows() == 0) {
die('That username does not exist in our database.');
}

$info = $check->fetchRow();

// check passwords match

$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);

if ($_POST['passwd'] != $info['password']) {
die('Incorrect password, please try again.');
}

// if we get here username and password are correct,
//register session variables and set last login time.

$date = date('m d, Y');

$update_login = $db_object->query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");

$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
$db_object->disconnect();
?>

<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>

<?php

} else { // if form hasn't been submitted

?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
[/code]

[sylesia]

not positive, but try moving the . to outside of the ' and not inside, or rather, get rid of them all together.  Not sure, but go ahead and try it.  Also, I don't believe there is need for the '" that you have, so get rid of the " also
$check = mysql_query("SELECT * FROM users WHERE username = '$_POST['uname']'");

[.josh]

you are treating regular variables as objects when they are not. You keep using $check as if it were an object of (I assume) some class inside db.php, when you didn't make it an object at all.  You assigned a sql query result source to it.  Then later on you use $db_object as (again, I assume) an object of some class inside db.php, but I don't see anywhere where you instantiated that either. 

Post the contents of db.php and we can help you out on what you should be using.

p.s.- sylesia: it doesn't matter that he has the $_POST seperated from the string like that.  That is okay.  Kinda sloppy for my tastes, but whatever floats his boat.  However, your suggested alternative is almost right.  In order for php not to get confused with the single quotes, you need to throw some { } around $_POST['uname'] like so:

[code]
"SELECT * FROM users WHERE username = '{$_POST['uname']}'"
[/code]