Members.php problem

sungirl848

The program I am trying to use is should create a replacted page for the new user with a user id # after they sign up . I believe the problem is in the members.php script can someone tell me what's missing? I can't figuare it out.
Everything else works fine but the new members page is not created and the user name and password is invalid.
Thanks
<?
session_start();

include("config.php");

if ($user == ")
{
print "<center>You have entered invalid account information! <a href=\"login.php\">Click here!</a></center>";
exit;
}

if ($pass == "")
{
print "<center>You have entered invalid account information! <a href=\"login.php\">Click here!</a></center>";
exit;
}

$member_info = mysql_query("SELECT * FROM members WHERE 'user' = '$user' AND 'pass' = '$pass'");
$member_info = mysql_fetch_object($member_info);

$db_user = $member_info->user;
$db_pass = $member_info->pass;
$id = $member_info->id;

if (($user == "$db_user" || $pass == "$db_pass"))
{
session_register("user");
session_register("pass");

print $id;
?>

acey

why the ' '

$member_info = mysql_query("SELECT * FROM members WHERE user = '$user' AND pass = '$pass'");

sungirl848

When I removed the ' ' around '$user' ($member_info = mysql_query("SELECT * FROM members WHERE user = '$user' AND pass = '$pass'"); I get this error when I log-in

Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/www/rodansystems/advertising_forum/members.php on line 21. Using the ' ' marks I don't get the error. But it's not creating the new user with a user id #

abc123

Try removing all the single quotes from the query. They shouldn't be needed.

sungirl848

Hi,
I tried that and it didn't make a difference. Maybe the problem is in the signup script. Please check and see if there is anything wrong with it. I took quotes off the quey an it give me an error.
<?
include("config.php");

$page = "signup.php?id=$id";

$id = $_GET['id'];

//(id,first_name,last_name,user,pass,email,upgrade,ref)

if (isset($submit))
{
mysql_query("INSERT INTO members (first_name,last_name,user,pass,email,upgrade,ref) Values ('$first','$last','$user','$pass','$email','$upgrade','$ref_user')");

// Retrieve new id for member

$new_member_id = mysql_query("SELECT * FROM members WHERE 'user' = '$user'");
$new_member_id = mysql_fetch_object($new_member_id);

$new_id = $new_member_id->id;

$sponsor_ads_id = mysql_query("INSERT INTO sponsor_ads (id) Values ('$new_id')");

$featured_ads_id = mysql_query("INSERT INTO featured_ads (id) Values ('$new_id')");

// End of query

print " <blockquote><blockquote><blockquote>Thanks for signing up! We have sent your login details to your email address $email! <a href=\"login.php\">Click here to login now!</a> Thanks, Admin <a href=$domain>$domain</a></blockquote></blockquote></blockquote>";

// Send email code goes here

$title = "New $title Account";
$message = "Hi $first,\n\nThanks for signing up with $title $domain\nYour Username is: $user\nYour Password is: $pass\n\nThanks,\nAdmin\n$domain\n\n";

mail("$email", "$title", $message,
"From: webmaster@{$SERVER['SERVER_NAME']}\r\n" .
"Reply-To: webmaster@{$SERVER['SERVER_NAME']}\r\n" .
"X-Mailer: PHP/" . phpversion());

exit;
}