Page 1 of 1

what is the correct syntax of mysql_fetch_row?

Posted: Sat Aug 19, 2006 6:04 pm
by chrchcol
Here is the code I am using

Code: Select all

$result = mysql_query($query);


if (mysql_fetch_row ($result))
  echo "Access Granted: Welcome,  $user !";
else
  echo "Access Denied: Invalid Credentials.";

mysql_close($server);  
?>

Here is the message it returns to me
Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in C:\Program Files\xampp\htdocs\xampp\test\validate.php on line 20
Access Denied: Invalid Credentials.
Where am I going wrong?

Posted: Sat Aug 19, 2006 6:09 pm
by chrchcol
Well that turned out to be stupid it wanted a ; at the end.

But now I get this message
Parse error: parse error, unexpected T_ELSE in C:\Program Files\xampp\htdocs\xampp\test\validate.php on line 22
Is this also needed the ;
[/quote]

Posted: Sat Aug 19, 2006 6:14 pm
by daedalus__
Could we see the whole script?

There are still things wrong with it.

What does $user equal?

I don't see it defined.

mysql_fetch_row() isn't assigned to a variable either. You are fetching the rows into outer space.

Posted: Sat Aug 19, 2006 6:26 pm
by chrchcol
Here it is:

Code: Select all

<?php

$user = $_POST["userid"];
$pass = sha1($_POST["password"]);

$server = mysql_connect("localhost", "username",
          "password");

if (!$server) die(mysql_error());
mysql_select_db("login");
$query = "SELECT * FROM Users WHERE User = '$user'
AND Password = '$pass'";

$result = mysql_query($query);

if (mysql_fetch_row ($result))

 echo "Access Granted: Welcome,  $user !";
else
 
 echo "Access Denied: Invalid Credentials.";

mysql_close($server);  
?>

Posted: Sat Aug 19, 2006 6:30 pm
by Jenk
dude, seriously.. use [syntax=php][/syntax] tags.

You are receiving that error because the query, or connection is failing, thus $result == false.

Posted: Sat Aug 19, 2006 6:35 pm
by volka
try

Code: Select all

<?php
if ( !isset($_POST['userid'],$_POST['password'])) {
	die('no userid and/or password given');
}

$server = mysql_connect('localhost', 'username', 'password') or die(mysql_error());
mysql_select_db('login', $server) or die(mysql_error());

$user = mysql_real_escape_string($_POST['userid'], $server);
$pass = sha1($_POST['password']);

$query = "SELECT
		Count(*) as c
	FROM
		Users
	WHERE
		User='$user'
		AND Password='$pass'";

$result = mysql_query($query) or die(mysql_error());

$row = mysql_fetch_array($result, MYSQL_ASSOC);
if ( false===$row ) {
	echo 'sql error, count did not return a record';
}
else if( 1!=$row['c'] ) {
 die('Access Denied: Invalid Credentials.');
}
else {
 echo 'Access Granted: Welcome, ', htmlentities($_POST['userid']), '!';
} 
?>

Posted: Sat Aug 19, 2006 6:45 pm
by chrchcol
That worked great and helped me understand where I went wrong with the first.

Thank you
Chris

Posted: Sat Aug 19, 2006 6:50 pm
by chrchcol
Is there a way to compare users if the username is admin it will open one page, if the username is anything else it would open another page?

Chris

Posted: Sat Aug 19, 2006 7:25 pm
by feyd
chrchcol wrote:Is there a way to compare users if the username is admin it will open one page, if the username is anything else it would open another page?
The manual is your new best friend. http://php.net/language.operators.comparison