Where am I screwing up?

sethcox

Here's my code:

$conn = odbc_connect( 'UserLog', 'root', '' );

$query = "SELECT FROM login WHERE username = '$username' AND password = '$password'";

$result = odbc_exec($conn, $query);

$num = odbc_num_rows($result);

if ($num != "0") {
echo "<p>You're authorized!</p>";

	} else {	

		echo "<p>NOT authorized!</p>";




	};

What am I doing wrong? I get:

Warning: SQL error: [Microsoft][ODBC Microsoft Access Driver] The SELECT statement includes a reserved word or an argument name that is misspelled or missing, or the punctuation is incorrect., SQL state 37000 in SQLExecDirect in c:\sites\phpsite\login.php login.php on line 10

Warning: Supplied argument is not a valid ODBC result resource in c:\sites\phpsite\login.php\login.php on line 12

You're authorized!

Thanks for all help,

Justin

Anon

};??

just

}

last line

Anon

Thanks, but that didn't fix the problems. Something's wrong with lines 8 and 10.

Line 8 is....$result =

Line 10 is....$num =

Any other ideas?'

Thanks!

kparker

Two places:

(1) You need a column list (or * for everything) after SELECT. You seem to have omitted this.

(2) The second error message is just a cascading error caused by not checking the return value of odbc_exec(). If it's null, the query failed, so you can't use the result handle for anything. (For that matter, the same principle applies to odbc_connect(), too.)