PHP Login

[vasoftwaresolutions]

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/pacifij1/public_html/bluewavesvirtual/checklogin.php on line 23

 

Does any know what that means.. here is my code

 

<?php
$host="localhost"; // Host name 
$username="pacifij1_blue"; // Mysql username 
$password="8336994895"; // Mysql password 
$db_name="pacifij1_blue"; // Database name 
$tbl_name="pilot"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from signup form 
$callsign=$_POST['callsign']; 
$password=$_POST['password']; 
$first_name=$_POST['first_name']; 
$last_name=$_POST['last_name']; 


$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("callsign");
session_register("password"); 
session_register("first_name"); 
session_register("last_name"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- TemplateBeginEditable name="doctitle" -->
<title>Loading</title>
<!-- TemplateEndEditable -->
<!-- TemplateBeginEditable name="head" -->
<!-- TemplateEndEditable -->
</head>

<body>
</body>
</html>

[monkeypaw201]

Just as a recommendation for next time, don't put in your password and username  replace it with "user" and "pass" or something similar (Thats how you get hacked  )

[vasoftwaresolutions]

Anything on why its not working?

[derrick1123]

Monkey is right though...

Give me a second to look at it.

[vasoftwaresolutions]

that not my real login.. i just changed the password

[derrick1123]

Change:

$count=mysql_num_rows($result);

To:

$count=mysql_numrows($result);

[ohdang888]

ok so you're using sessions?

 

If you are using sessions on every page of your site... then do this...

 

the first and second lines should be...

 

<?

session_start();

session_destroy();

 

and then right before you do the session register, put "session_start();" before it...

[vasoftwaresolutions]

Change:

$count=mysql_num_rows($result);

To:

$count=mysql_numrows($result);

its giving me this now

"Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /home/pacifij1/public_html/bluewavesvirtual/checklogin.php on line 23"

[ohdang888]

go back to what you had before and try the sessions...

[derrick1123]

Change:

$count=mysql_num_rows($result);

To:

$count=mysql_numrows($result);

its giving me this now

"Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /home/pacifij1/public_html/bluewavesvirtual/checklogin.php on line 23"

 

Is that first set of code you gave us the checklogin.php?

[vasoftwaresolutions]

yes

[phpSensei]

Replace

 

$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

 

with

 

$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' and password='$password'";
$result=mysql_query($sql) or die(mysql_error());

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

[derrick1123]

Change:

if($count==1){

To:

if($count<0){

[ohdang888]

ohhhhhhhhh. i think i might see it...

 

try this..

 

$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' and password='$password'";

$result=mysql_query($sql) or die(mysql_error());

 

that will show you errors in your query, and that might be the root of the problem...

[phpSensei]

ohhhhhhhhh. i think i might see it...

 

try this..

 

$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' and password='$password'";

$result=mysql_query($sql) or die(mysql_error());

 

that will show you errors in your query, and that might be the root of the problem...

 

Wow, thats just what I posted.

 

@derick: your not solving the problem by doing that, infact that makes it worst.

[derrick1123]

lol I think you should change the IF statement part though. And if that doesn't work...try the mysql_error();

[PFMaBiSmAd]

mysql_numrows is an old depreciated function alias. Don't use it and don't suggest it as a solution, as it has nothing to do with the error.

 

Your mysql_query is failing, but your code has no error checking to get it to tell you what the problem is. You might have a session problem as well, because session_register() is also an old and depreciated function and only works when register globals are on.

 

To find your actual problem, change your mysql_query to the following -

 

$result=mysql_query($sql) or die("The fricken query has no error checking: " . mysql_error());

 

Edit: Third times the charm (error checking should have been the first suggestion.)

[derrick1123]

mysql_numrows is an old depreciated function alias. Don't use it and don't suggest it as a solution, as it has nothing to do with the error.

 

Sorry, I am old school. >.<

lol

[ohdang888]

ahahahah sorry phpsensi...

 

i had just just said that on the last topic i was on and it was fresh in my mind.... didn't mean to offend any1.... and this topic is going so fast i hadn't look through all the posts.....

 

but ya...

[vasoftwaresolutions]

ok it works now but i am getting this ... "Unknown column 'password' in 'where clause'"

[vasoftwaresolutions]

never mind about my last post.. but now its saying that i have this "Wrong Username or Password "

[derrick1123]

I don't know if this has anything to do with it but:

$sql="SELECT * FROM $tbl_name WHERE callsign='$callsign' AND password='$password'";

If changing the and to AND has nothing to do with it, please let me know.

[ohdang888]

check your spelling of everything, the code AND the db...

and if your table name is always "pilot" in this query, then just change it to `pilot` in the query.... less room for error...

 

idk... it seems redundant to use a variable for something that is always the same...

[derrick1123]

I don't know why but:

$result=mysql_query($sql);

Shouldn't that be:

$result=mysql_query("$sql");

 

???

[ohdang888]

well when you are registering users, are you using MD5 to protect passwords?? cuse then you have to use MD5 in the password field in queries that search by passwords...