The follow is a snippet of code on a project that I am currently working on. The thing is, I am going to be using the adodb wraper and I am fairly new at that. The script errs on line 20 (marked //line 20 below). So, I think I have a syntax error or something that I am missing. I have found very little documentation on the adodb wraper, except that people say it works great. So I am having to do trial and error. Please let me know if you have any ideas on what to do.
Thanks!
<?
session_start();
session_register('auth');
session_register('logname');
include("universalconst.inc.php");
include ("adodb360/adodb.inc.php");
switch (@$do)
{
case "login":
$db = ADONewConnection('mysql');
$db->Connect($host, $user, $password, $database_name);
$result = $db->Execute("SELECT loginname FROM $memberstbl WHERE loginname='$fusername'");
if ($result === false) die("failed");
$num = mysql_num_rows($result);
if ($num == 1) //login name was found
{
$result = $db->Execute("SELECT loginname FROM $memberstbl WHERE loginname='$fusername' AND password=password('$fpassword')");
if ($result === false) die("failed");
//line 20 $result2 = mysql_query($result)
$num2 = mysql_num_rows($result2);
if ($num2 > 0) //password is correct
{
$auth="yes";
$logname=$fusername;
$today = date ("Y-m-d h:m:s");
$result3 = $db->Execute("INSERT INTO $logontbl (loginname,logintime)
VALUED ('$logname','$today')");
mysql_query($result3) or die ("Cannot execute query.");
header("Location: index.php");
}
else //password is not correct
{
unset($do);
$message = "The Login Name, '$fusername' exists but the password you entered is wrong. Please try again.<br>";
include("login_form.php");
}
}
elseif ($num == 0) //login name not found
{
unset($do);
$message = "The Login Name you entered does not exist. Please try again.<br>";
include("login_form.php");
}
break;
case "new":
foreach($HTTP_POST_VARS as $key => $value)
{
if ($key != "realname")
{
if ($value == "")
{
unset($do);
$message_new = "Required information is missing. Please try again.";
include("login_form.php");
exit();
}
}
if (ereg("{Name)",$key))
{
if (!ereg("^[A-Za-z' -] {1,50}$",$key))
{
unset($do);
$message_new = "$realname is not a valid name. Please type your correct name.";
include ("login_form.php");
exit():
}
}
$$key = strip_tags(trim($value));
}
if (!ereg("^.+@.+\\..+$",$email))
{
unset($do);
$message_new = "$email is not a valid e-mail address. Please try again.";
include("login_form.php");
exit();
}
$db = ADONewConnection('mysql');
$db->Connect($host, $user, $password, $database_name);
$result4 = $db->Execute("SELECT loginname FROM $memberstbl WHERE loginname='$newname'");
if ($result4 === false) die("failed");
$result5 = mysql_query($result4)
or die ("Couldn't execute query");
$num = mysql_num_rows($result5);
if ($num > 0)
unset($do);
$message_new = "$newname already used. Select another username.";
include("login_form.php");
exit();
}
else
{
$today = time(Y-m-d");
$result6 = $db->Execute("INSERT INTO $memberstbl (loginname,signedup,password,realname,email) VALUES
('$newname','$today',password('$newpass'),'$realname','$email')");
mysql_query($result6);
$auth="yes";
$logname = $newname;
header("Location: index.php");
//e-mail confirmation can go here
}
break;
default:
include("login_form.php");
}
?>
