[RESOLVED] mysql_fetch_assoc() error

djwinder

the below code if producing the following error:

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in C:\web\root\login1.php on line 39

i cant see why the error is being produced. there are values in the database that corispond to the values i am entering. please help.

<?PHP //loging for the admin 

include ('c:/web/db_connect.php');

if (!isset($_POST['submit'])) //if they haven't pressed the submit button, then show the form

{
    require ($_SERVER['DOCUMENT_ROOT']. '/includes/header.php');

?>

<tr>
<td width="780" colspan="4" border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">


<h2>Administrator Login</h2>

<form action="login1.php" method="post">
Username: <input type="text" name="username" /><br />
Password: <input type="password" name="password" /><br />
<input type="submit" name="submit" value="Login" /><br />
</form>

</td>
</tr>

<?php

require ($_SERVER['DOCUMENT_ROOT']. '/includes/footer.php'); 

}
else   //they pressed the button so process their input
{
   $query = "SELECT * FROM admin";
   $result = mysql_query($query);
   $query = mysql_fetch_assoc($result);

while ($row = mysql_fetch_assoc($query)) 
{
  if($_POST['username'] == $row['username'] && $_POST['password'] == $row['password'])             //if they got it right, let's go on  
     {
     session_start();
     session_register("mysessionvariable");                                         //set a variable for use later
     $id = session_id();                                 //let's grab the session ID for those who don't have cookies
     $url = "Location: admin.php?sid=" . $id;
     header($url);
     }


else     //they didnt log in correctly back to login

{   

require ($_SERVER['DOCUMENT_ROOT']. '/includes/header.php');

?>

<tr>
<td width="780" colspan="4" border="1" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">

<h2>Administrator Login</h2>

<p>Unfortunatly your Username or Password is Invalid<p><br />
<p>Please Try entering you details again<p><br />

<form action="login1.php" method="post">
  Username: <input type="text" name="username" /><br />
  Password: <input type="password" name="password" /><br />
  <input type="submit" name="submit" value="Login" /><br />
</form>


</td>
</tr>

<?PHP
require ($_SERVER['DOCUMENT_ROOT']. '/includes/footer.php'); 
}
}
}

?>

Drakla

Change this fragment of the code

$query = mysql_fetch_assoc($result);

while ($row = mysql_fetch_assoc($query))
{ ...

To:

while ($row = mysql_fetch_assoc($result))
    { ...

You're messing up your resources.

Houdini

Where are you connecting to the database is it in the db_connect.php?

Drakla

THere are also a few things 'wrong' with the code. session register is old hat, just use $_SESSION['var'] = whatever; and after you use a header to relocate then throw an exit in after or your script will still keep running. In your case you look covered as the conditions seem to separate output, but just do it as good practise.

djwinder

thanks very much everyone your all on form tonight cheers for all the advice. could you explain the $_SESSION code a bit more i dont want to make any changes if i dont understand totaly where im going with it

djwinder

oh and yeah the connection is within the db_connect.php that seems fine as its used throughtout the code without issue

bradgrafelman

I'll post a code snippet from the man page for [man]session_register/man ...

<?php
// Use of session_register() is deprecated
$barney = "A big purple dinosaur.";
session_register("barney");

// Use of $_SESSION is preferred, as of PHP 4.1.0
$_SESSION["zim"] = "An invader from another planet.";

// The old way was to use $HTTP_SESSION_VARS
$HTTP_SESSION_VARS["spongebob"] = "He's got square pants.";
?>

Basically, just use the second method there to store data in a session.

In the code you provided, it doesn't even look like you're storing anything in the session at all, so there's no need to even start one. If you do want to store or retrieve something in a session, just do a simple:

session_start();

$_SESSION['something'] = 'blahblah';

Then, on subsequent pages where you want to retrieve the data again, simply do

session_start();
echo $_SESSION['something'];

The scope and everything is exactly the same as other superglobals you're using ($POST, $SERVER, etc.), with the addition that you can store and change values as well.

I see you're passing the SID in the url as well. If you want to do this, and ensure it is handled correctly, you might want to call [man]session_id/man before [man]session_start/man if the variable is present, such as...

if(!empty($_GET['sid']))
    session_id($_GET['sid']);

session_start();