checklogin.php error

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mikes1471
Forum Commoner
Posts: 88
Joined: Sat Jan 24, 2009 3:29 pm

checklogin.php error

Post by mikes1471 »

Hi Guys

This page worked perfectly until I ammended it slightly, then it came up with an error message, now after removing the ammendment I made the same error message appears whether I type in the correct login details or the wrong ones...?

Code: Select all

<?php
// Connect to server and select databse.
include_once "functions.php";
 
connect();
 
// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];
 
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
 
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password=MD5('$mypassword')";
$result=mysql_query($sql);
 
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
 
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
Why am I getting this error:


Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /var/www/vhosts/picfrisky.com/httpdocs/checklogin.php on line 21
Wrong Username or Password
Randwulf
Forum Commoner
Posts: 63
Joined: Wed Jan 07, 2009 7:07 am

Re: checklogin.php error

Post by Randwulf »

Sounds like your query is failing. Change line 18 to:

Code: Select all

 
$result=mysql_query($sql) or die("Error: ".mysql_error());
 
And see what it says then.
watson516
Forum Contributor
Posts: 198
Joined: Mon Mar 20, 2006 9:19 pm
Location: Hamilton, Ontario

Re: checklogin.php error

Post by watson516 »

is $tblname set anywhere?
mikes1471
Forum Commoner
Posts: 88
Joined: Sat Jan 24, 2009 3:29 pm

Re: checklogin.php error

Post by mikes1471 »

Thanks, I tried that and it returned:

"Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE username='mike' and password=MD5('password')' at line 1"

I dont see how its gone wrong as its been working fine for weeks :S
mikes1471
Forum Commoner
Posts: 88
Joined: Sat Jan 24, 2009 3:29 pm

Re: checklogin.php error

Post by mikes1471 »

watson516 wrote:is $tblname set anywhere?
No, I havnt specified it anywhere, this is functions.php

Code: Select all

Removed
Last edited by mikes1471 on Tue Feb 24, 2009 7:29 pm, edited 1 time in total.
Randwulf
Forum Commoner
Posts: 63
Joined: Wed Jan 07, 2009 7:07 am

Re: checklogin.php error

Post by Randwulf »

Yeah those SQL errors are annoying. It's probably the MD5() part. You can't use functions inside of strings like you can with variables, unless that's some arcane SQL thing that I'm not familiar with. Try MD5ing the password outside of the string and storing that as a variable, and using that instead.

Also, as watson implied, not defining $tbl_name would cause a problem I believe.
mikes1471
Forum Commoner
Posts: 88
Joined: Sat Jan 24, 2009 3:29 pm

Re: checklogin.php error

Post by mikes1471 »

Yeh I see your point in both cases, can someone advise me on what to write to select the db table please? is it $db_tbl

I'll get working on the variable for the MD5, I am miffed just because one minute the script works and the next it doesnt, all i tried to do was introduce a background image to the error page
Post Reply