function pass_results()
{
/* Username error checking */
if ($_POST['user'] == "") {
echo "<font color=\"#FF3300\">Please enter your username</font><br><br>";
return false;
}
if ($_POST['email'] == "") {
echo "<font color=\"#FF3300\">Please enter your email address</font><br><br>";
return false;
}
$username = $_POST['user'];
$email = $_POST['email'];
/* Let's strip all HTML and avoid encapsulated letters. */
$username = strip_tags($username);
$email = strip_tags($email);
/* Ensure username is in database */
$result = mysql_query("SELECT * FROM cms_users WHERE username = '$username'");
$result2 = mysql_query("SELECT * FROM cms_users WHERE email = '$email'");
if(mysql_num_rows($result) == 0){
echo "<font color=\"#FF3300\">User <b>$username</b>, does not exist</font><br><br>";
return false;
}
elseif(!validate_email($email)){
echo "<font color=\"#FF3300\">Please provide a valid email address</font><br><br>";
return false;
}
elseif(mysql_num_rows($result2) == 0){
echo "<font color=\"#FF3300\">Email not registered on system </font><br><br>";
return false;
}
Here is the first section of my code for this function. No matter what I do, it tells me the username does not exist when it clearly does and tells me the mysql_num_rows(): supplied argument is not a valid MySQL result resource. The values are getting posted correctly.
