0

---Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Program Files\Apache Group\Apache2\htdocs\Project\login.php on line 72----

<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>Username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
    $username=$_POST['username'];
    $password=$_POST['password'];
    $Username = stripslashes($username);
    $Password = stripslashes($password);
    $Username = mysql_real_escape_string($username);
    $Password = mysql_real_escape_string($password);

    if(strlen($Username) < 1)
    {
        $msg=$msg."Please enter the username<br>";
        $flag="NOTOK";
    }
    else if(strlen($Password) < 1)
    {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";
    }
    else
    {
        $flag="OK";
        $msg="";
    }



    if($flag != "OK")
    {
        echo "<br><br><br><br><br><strong style='color:#FF3333'>"."<right>Please enter Username/Password <br></right>"."</strong>";
    }
    else
    {
        $con = mysql_connect("10.70.1.50","invensis","invensis", true) or die('Could not connect: ' . mysql_error());                
        mysql_select_db("database_myproject", $con)or die('Could not connect DB: ' . mysql_error());


        $sql = "SELECT * FROM `Users` WHERE `Username`='$Username' and `Password`='$Password'";
       mysql_query($sql); 
        $count = mysql_num_rows($result);

        if($count == 1)
        {
            $sql = "SELECT Role FROM Users WHERE Username='$Username' and Password='$Password'";
            mysql_query($sql); 
            $info = mysql_fetch_array($result);


            if($info['Role']== '0')
            {
                @header("location: http://localhost/Project/Superadmin.php");
            }
            else if($info['Role']== '1')
            {
                @header("location: http://localhost/Project/Admin.php");
            }
            else if($info['Role']== '2')
            {
                @header("location: http://localhost/Project/User.php");
            }
        }
        else
        {
            echo "<br><br><br><br><br><strong style='color:#FF3333'><left>Incorrect UserName OR Password</left></strong>";
        }
    }
}
?>

Edited by Reverend Jim: Fixed formatting

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by as.bhanuprakash
0
$sql = "SELECT * FROM `Users` WHERE `Username`='$Username' and `Password`='$Password'";
mysql_query($sql); 
$count = mysql_num_rows($result);

In the above part you are missing the variable $result to recieve the resource returned by the mysql_query(). It should be ..

$sql = "SELECT * FROM `Users` WHERE `Username`='$Username' and `Password`='$Password'";
$result = mysql_query($sql); 
$count = mysql_num_rows($result);

Please use the code tags when you are including the code snippets in your posts.

Edited by mike_2000_17: Fixed formatting

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.