Hello,
I'm trying to code an administrator login form wich basically checks what username and password were inputted by the form, then looks in the database to see if the password corresponding to the entered username is right.
Me and a buddy that helped me out came to this code:
(the form)
<head><title>Administrator Login</title></head>
<body>
<form method="post" action="admincp.php">
Username: <input type="text" name="user" size="20"><br>
Password: <input type="password" name="password" size="20"><br>
<input type="submit" value="Log-on">
</body>
(the PHP page)
<?php
$db_name = "novaz3ro";
$connect = mysql_connect('localhost','novaz3ro','password removed');
$db = mysql_select_db($db_name,$connect);
?>
<head><title>Admin Control Panel</title></head>
<body>
<?php
$query = ("SELECT pwd FROM administrators WHERE usr = $user", $connect);
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$password_check = $row['pwd'];
}
if ($password === $password_check) {
echo "Login Successful!";
}
else {
echo "Login Failed";
}
?>
</body>
The code keeps on displaying this error:
Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home3/novaz3ro/public_html/admin/admincp.php on line 12
Login Failed
if you want to see the 'script' in action, copy and paste this URL: http://cgi-bin.spaceports.com/~novaz3ro/admin
the username is 'Blue Mage' and the password word is 'beta'. (don't forget to remove the quotation marks)
me and my friend are stumpped and don't know what to do, so I decided to come here.
Thanx so much,
-Henri
