954,597 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
6 Months Ago
Show Comments
-1

help with php

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\AppServ\www\Ayyam v3\gate.php on line 16

Warning: Cannot modify header information - headers already sent by (output started at C:\AppServ\www\Ayyam v3\gate.php:16) in C:\AppServ\www\Ayyam v3\gate.php on line 36

am new with php please help me
[php]
<?php
session_start();
require_once('Connections/connector.php');
$uid= $_POST['uid'];
$upw = md5($_POST['uPw']);


//manual sql search...
$userRec = mysql_query("select * from `user` where
`user`.`uid`='$uid'
AND
`user`.`uPw`='$upw';
");

//check number of user records found... only 1
$userRecFound = mysql_num_rows($userRec);

//check if above sql finds a record...
if($userRecFound==1){
//store user id in a session variable for later security...
$_SESSION['uid'] = $uid;
while($userRecFetcher=mysql_fetch_array($userRec)){
//if user type = admin
if($userRecFetcher['uType']=='admin'){
header("location: controlPanel.php");
}
//if user type = reg
elseif($userRecFetcher['uType']=='reg'){
header("location: controlPanelReg.php");
}

}
}
//if not in database...
else{
header("location: deny.php");
}


?>
[php]

thunder111
Newbie Poster
3 posts since Nov 2011
Reputation Points: 10
Solved Threads: 0
 
6 Months Ago
0

replace

//check number of user records found... only 1 
$userRecFound = mysql_num_rows($userRec);


with

//check number of user records found... only 1 
if(@mysql_num_rows($userRec)==1){
$userRecFound = 1;
}else{
$userRecFound = false;
}
Biiim
Posting Whiz
387 posts since Oct 2011
Reputation Points: 93
Solved Threads: 55
 
6 Months Ago
0

thanx alot for the helping

i just wonder why it takes me to the deny.php page although i added a new uid and uPw from the add new user page

thanx

thunder111
Newbie Poster
3 posts since Nov 2011
Reputation Points: 10
Solved Threads: 0
 
6 Months Ago
0

it's because mysql_num_rows(); will error when you don't pass a valid mysql result to it so it throws that error "expects parameter 1 to be a mysql resource"

Then it continued and $userRecFound != 1 so it ran the else statement header("location: deny.php");

which will error because text has already been printed to the page from the error and headers can't be sent after text has been output!

if the id and pass should of worked get the sql query printed out and run it yourself to see if theres an obvious error, it could just be that its not on 1 line, ive not tried running mysql in php with returns in it

echo "select * from `user` where `user`.`uid`='$uid' AND `user`.`uPw`='$upw'";

Biiim
Posting Whiz
387 posts since Oct 2011
Reputation Points: 93
Solved Threads: 55
 
6 Months Ago
0

yes it echo the id and the pass
i deleted all the users and i made a new one but the same
so is there anyway to suggest to me what to do ? please ?
thanx

thunder111
Newbie Poster
3 posts since Nov 2011
Reputation Points: 10
Solved Threads: 0
 
6 Months Ago
0

print out the vars to see whats happening such as

var_dump($userRecFound);

make sure it is (int 1) if it isn't the problem is the mysql_query, print out the query check the query runs right and returns 1 row.

if theres still a problem then check mysql_num_rows is setting $userRecFound to 1

on thing i do notice is you are using mysql_fetch_array(); which returns an array with no keys you want mysql_fetch_assoc(); so you can access the variables with their name.

see if this helps work it out, there was a semicolon in the end of your sql query btw

<?php
session_start();
require_once('Connections/connector.php');
if(ctype_alnum($_POST['uid'])){//stop code injection!
$uid= $_POST['uid'];
}else{
$uid = false;
}
echo 'uid '.$uid."\r\n";
$upw = md5($_POST['uPw']);


//manual sql search...
$query = "select * from `user` where `user`.`uid`='$uid' AND `user`.`uPw`='$upw'";
echo 'query '.$query."\r\n";
$userRec = mysql_query($query) or die(mysql_error());

//check number of user records found... only 1 
if(@mysql_num_rows($userRec)==1){
$userRecFound = 1;
echo 'record found'.$userRecFound."\r\n";
}else{
echo 'record not found '.$userRecFound."\r\n";
$userRecFound = false;
}

//check if above sql finds a record...
var_dump($userRecFound)."\r\n";
if($userRecFound==1){
//store user id in a session variable for later security...
echo 'userRecFound == 1'."\r\n";
$_SESSION['uid'] = $uid;
while($userRecFetcher=mysql_fetch_array($userRec)){
var_dump($userRecFetcher);
//if user type = admin
if($userRecFetcher['uType']=='admin'){
//header("location: controlPanel.php");
echo 'usertype is admin'."\r\n";
}
//if user type = reg
elseif($userRecFetcher['uType']=='reg'){
//header("location: controlPanelReg.php");
echo 'usertype is reg'."\r\n";
}else{
echo 'usertype had no match'."\r\n";
}

}
}
//if not in database...
else{ 
//header("location: deny.php");
echo 'access denied'."\r\n";
}
Biiim
Posting Whiz
387 posts since Oct 2011
Reputation Points: 93
Solved Threads: 55
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
View similar articles that have also been tagged:
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed