this is my login function:

function doLogin($username, $password) {
        include ("global.php");
        $conn = mysql_connect($DB_HOST, $DB_USER, $DB_PASS);

  if (!$conn)
  {
    return 2;
  }

  mysql_select_db($dbnames[$DATABASE_MAPLESTORY]);

	$result = mysql_query("SELECT * FROM `accounts` WHERE `name` = '" . $username . "'");

	if (mysql_num_rows($result) < 1) {
            mysql_close($conn);
            return 1;
        }
	
	$row = mysql_fetch_array($result);
	mysql_free_result($result);
        mysql_close($conn);
	
	if (!empty($row['salt']))
	{
		//Make a salted password string
		$saltedstr = hash("SHA512", $password . $row['salt']);
		
		if ($saltedstr != $row['password'])
		{
			return 1;
		}
	}
	else
	{
		//There is no salt, probably because he/she never logged in on the game
		
		//We will just do the regular check here
		if (sha1($password) != $row['password'])
		{
			return 1;
		}
	}
        

	//All ok! =]
	session_start();
	$_SESSION['id'] = $row['id'];
        $_SESSION['name'] = $row['name'];
	$_SESSION['loggedin'] = $row['loggedin'];
	$_SESSION['lastlogin'] = $row['lastlogin'];
	$_SESSION['createdat'] = $row['createdat'];
	$_SESSION['birthday'] = $row['birthday'];
	$_SESSION['banned'] = $row['banreason'];
	$_SESSION['gm'] = $row['gm'];
	$_SESSION['email'] = $row['email'];
	$_SESSION['lastpwemail'] = $row['lastpwemail'];
	$_SESSION['tempban'] = $row['tempban'];
	$_SESSION['greason'] = $row['greason'];
	$_SESSION['nxCash'] = $row['nxCash'];
	$_SESSION['mPoints'] = $row['mPoints'];
	$_SESSION['gTokens'] = $row['gTokens'];
        $_SESSION['weblogged'] = "true";
	
	header('Location: ' . $ROOT_PAGE);

  return 0;
    }

and my login section just contains this:

<?PHP
    session_start();
    include("globals/global.php");
    include("globals/functions.php");
    echo ('<h1><span>Login</h1></span>
      <p></p>');
	if (!empty($_POST['username']) && !empty($_POST['password']))
	{
		if (doLogin($_POST['username'], $_POST['password']) == 1)
		{
			echo "The username and password provided did not match.";
		}
	}
             echo('<form action="');$_SERVER['PHP_SELF'];echo('" method="post">
                           Username: <input type="text" name="username" value=""> <br />
                           Password: <input type="password" name="password" value=""> <br />
                           <input type="image" name="submit" src="images/login.gif" alt="Login">
          ');
    ?>

now whenever I try to log in .. i keep on getting this error:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\globals\functions.php on line 35
The username and password provided did not match.

Help please?

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\globals\functions.php on line 35
The username and password provided did not match.

The error you have mentioned is from my experience, has always been the result of an invalid Mysql query. And I would say that your Mysql query has become invalid from an invalid database connection.

mysql_select_db($dbnames[$DATABASE_MAPLESTORY]);

	$result = mysql_query("SELECT * FROM `accounts` WHERE `name` = '" . $username . "'");

So above are the lines which I believe are needed to be focused on and need altering. So first alter the mysql_select_db line so instead of an array inside the brackets, as a test place the database name (not table name). Then for the Mysql query, add the optional variable at the end which I think is the connection variable. So the above should look something like below:

mysql_select_db("database name");

	$result = mysql_query("SELECT * FROM `accounts` WHERE `name` = '" . $username . "'",$conn);

So the above code is just roughly what it should be but the syntax can be checked at www.php.net

and also try these lines and tel me what you got there:

echo $r="SELECT * FROM `accounts` WHERE `name` = '" . $username . "'";
	$result = mysql_query($r);

Hey your first answer worked :)
now everything related to checking the user in the db works allright but at this point

session_start();
$_SESSION['id'] = $row['id'];
    $_SESSION['name'] = $row['name'];
$_SESSION['loggedin'] = $row['loggedin'];
$_SESSION['lastlogin'] = $row['lastlogin'];
$_SESSION['createdat'] = $row['createdat'];
$_SESSION['birthday'] = $row['birthday'];
$_SESSION['banned'] = $row['banreason'];
$_SESSION['gm'] = $row['gm'];
$_SESSION['email'] = $row['email'];
$_SESSION['lastpwemail'] = $row['lastpwemail'];
$_SESSION['tempban'] = $row['tempban'];
$_SESSION['greason'] = $row['greason'];
$_SESSION['nxCash'] = $row['nxCash'];
$_SESSION['mPoints'] = $row['mPoints'];
$_SESSION['gTokens'] = $row['gTokens'];
    $_SESSION['weblogged'] = "true";

header("Location: index.php");

i get this error :

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\index.php:7) in C:\xampp\htdocs\globals\functions.php on line 85

Edited 3 Years Ago by mike_2000_17: Fixed formatting

use session_start only once..
means use at your page which is having the above code which you have posted above..
remove session_start(); line from your function.php page..
and also use ob_start(); after your session_start(); line....

This function will turn output buffering on. While output buffering is active no output is sent from the script (other than headers), instead the output is stored in an internal buffer.
means...
ob_start() just turns on output buffering. It means the web server doesn't start sending output to the browser until the page is complete and it's a big performance enhancer.

oh thanks :)
On a side note: hey your an indian.. where in india??

This question has already been answered. Start a new discussion instead.