hey, trying to make a user authentication system using php and mysql.
im quite new to working with databases so im piecing together a premade system but modifying it as I go along.
Im in the process of making a simple 'login.php' but im having trouble verifying that the username and password submitted in a form matches one of the members in my database.
heres my code in a file called member.php which is what the login form's action is:
//create short variable names
$username = $_POST['username'];
$password = $_POST['password'];
if ($username && $password)
// they have just tried logging in
{
// connect to db
$mysql_database="dbname";
$mysql_username="username";
$mysql_password="pass";
$dbconnect = mysql_connect("localhost",$mysql_username,$mysql_password) or die ("Unable to connect to SQL server");
mysql_select_db($mysql_database,$dbconnect) or die ("Unable to select database");
// check if username is unique
$qstr = mysql_query("select * from BWmembers where username='$username' and password = sha1('$password')")
or die ("Could not log you in.");
$result = mysql_query($qstr);
// check login info is correct
if (mysql_num_rows($results)) {
echo "Successful Login";
// set session username
$_SESSION['valid_user'] = $username;
}
else {
echo "Failed Login";
exit;
}
}
else {
echo "No login attempted";
}
the error message i keep receiving is:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/n3w/public_html/theodore/1/member.php on line 29
Failed Login - (this bits echo'd by the code)
ive looked at other scripts that seem to do it the same way as my code, but im not sure where ive gone wrong.
any help would be very apreciated,
thanks.
