Member Avatar for niths

--You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #10' at line 1---

<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>Username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
    $username=$_POST['username'];
    $password=$_POST['password'];
    $username = stripslashes($username);
    $password = stripslashes($password);
    
    if(strlen($username) < 1)
    {
        $msg=$msg."Please enter the username<br>";
        $flag="NOTOK";
    }
    else if(strlen($password) < 1)
    {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";
    }
    else
    {
        $flag="OK";
        $msg="";
    }



    if($flag != "OK")
    {
        echo "<br><br><br><br><br><strong style='color:#FF3333'>"."<right>Please enter Username/Password <br></right>"."</strong>";
    }
    else
    {
        mysql_connect("10.70.1.50","invensis","invensis") or die('Could not connect: ' . mysql_error());                
        mysql_select_db("database_myproject") or die('Could not connect DB: ' . mysql_error());
        $username = mysql_real_escape_string($username);
        $password = mysql_real_escape_string($password);


        $sql = "SELECT count(*) as count FROM Users WHERE username = '$username' and `password` = '$password'";
        $result = mysql_query($sql) or die(mysql_error());
        
        $row_count = mysql_fetch_array($result);
        
        $count = $row_count['count'];
        
        if($count == 1)
        {
            $sql = "SELECT role FROM Users WHERE username = '$username' and password = '$password'";
            $result = mysql_query($sql);
            $info = mysql_fetch_array($result);


            if($info['Role']== '0')
            {
                @header("location: http://localhost/Project/Superadmin.php");
            }
            else if($info['Role']== '1')
            {
                @header("location: http://localhost/Project/Admin.php");
            }
            else if($info['Role']== '2')
            {
                @header("location: http://localhost/Project/User.php");
            }
        }
        else
        {
            echo "<br><br><br><br><br><strong style='color:#FF3333'><left>Incorrect UserName OR Password</left></strong>";
        }
    }
}
?>
Edited by nav33n because: Use [code][/code] tags to wrap your code for easy readability.
  • 4 Contributors
  • 4 Replies
  • 340 Views
  • 6 Months Discussion Span
  • Latest Post Latest Post by richieking
nav33n commented: Don't create multiple threads asking the same question. -1

Recommended Answers

All 4 Replies

Member Avatar for ElegantElephant

This line:

$sql = "SELECT count(*) as count FROM Users WHERE username = '$username' and `password` = '$password'";
$result = mysql_query($sql) or die(mysql_error());

Should be:

$sql = "SELECT count FROM Users WHERE username = '$username' AND password = '$password'";
$result = mysql_query($sql) or die(mysql_error());

and

$sql = "SELECT role FROM Users WHERE username = '$username' and password = '$password'";
$result = mysql_query($sql);

should be

$sql = "SELECT role FROM Users WHERE username = '$username' AND password = '$password'";
$result = mysql_query($sql);
Edited by ElegantElephant because: n/a
Member Avatar for mothergoose3

I'm on LibraryThing, just going from one page to the next and up pops the following:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 455120)' at line 5
INSERT INTO books_readingnow (brn_booksid, brn_started, brn_ended, brn_usernum) VALUES (65412340, 1284955200, , 455120)
- fatal error (31.1)
I not only don't know what that meeans, other than the word syntax, but I don't know where this came from wor what MySQL server is. I read the earlier answers but I don't even know where to do that. I usually understand how to fix thing pretty well, but this one I can't figure out the answer let alone the question. Please help this apparently not as hip as I thought user.

Member Avatar for richieking

Howdy,

mothergoose3

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 455120)' at line 5
INSERT INTO books_readingnow (brn_booksid, brn_started, brn_ended, brn_usernum) VALUES (65412340, 1284955200, , 455120)
- fatal error (31.1)

rerun you insert again as

INSERT INTO books_readingnow (brn_booksid, brn_started, brn_ended, brn_usernum) VALUES (65412340, 1284955200,'', 455120);

Pay attention to the third insert value. its not ,, but ,'',. Also check with your table that that field can accept null.

Explore :)

Edited by richieking because: n/a
Member Avatar for richieking

howdy,

niths never use count(*) as count. no no no.

count is a mysql reserve word. besides that, your query should exe. ok.

Explore :)

Edited by richieking because: n/a
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.