Http session/login script Problems
Posted: Wed Jun 18, 2003 12:41 pm
I have been developing this code, and I keep getting different errors. I want the end result of logging in and using cookies to track sesssions.
I keep getting this error Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9
Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9
I keep getting this error Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9
Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9
Code: Select all
<?
if (isset($_POST['submit'])) {
require_once("./config.php");
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>Forgot Username</p>';
} else {
$u = escape_data($_POST['username']);
}
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>Forgot Password</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) { //everything checks
$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=
PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
//Start Session
session_start ();
$_SESSION['first_name'] = $row[1];
$_SESSION['user_id'] = $row[0];
header ("Location: http://" . $_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) . "/loggedin.php");
exit ();
} else {
$message = '<p>Not Match</p>';
}
mysql_close();
} else {
$message = '<p>Try Again</p>';
}
}
$page_title='Login';
include("./config.php");
if (isset($message)) {
echo '<font color="red">',$message,'</font>';
}
?>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" Method="post">
<p><b>User Name</b> <input type="text" name="username" size="10" maxlength="20" value="<? if
(isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><b>Password:</b><input type="password" name="password" size="20" maxlength="20" /></p>
<p><input type="submit" name="submit" value="login" /></p>
</form>