----Query was empty---
at
---$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
    $result=@mysql_query($sql) or die(mysql_error()); ---


<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
<tr>
<td><img src="Logofinalcopy.gif"></td>
</tr>
<tr>
<td bgcolor="aqua"><h2>Login</h2></td>
</tr></table>
<table align="right" style="width:40%">
<br>
<tr>
<td>username:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="CENTER" COLSPAN="4">
<input TYPE="SUBMIT" name="submit" value="Login">
<input TYPE="reset" name="submit" value="clear"></td>
</tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
 $con = @mysql_connect("10.70.1.50","invensis","invensis");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
 $con_db=@mysql_select_db("database_myproject",$con);
if (!$con)
  {
  die('Could not connect DB: ' . mysql_error());
  }

  $username=$_POST['username'];
  $password=$_POST['password'];

  $username = stripslashes($username);
  $password = stripslashes($password);
  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);

  $flag="OK";  
  $msg=""; 
     
 if(strlen($username) < 1)
   {
          $msg=$msg."Please enter the username<br>";
          $flag="NOTOK"; 
   }
 if(strlen($password) < 1)
   {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";  
   }
  if($flag <>"OK")
  {
  echo "<strong style='color:#FF3333'>"."<left >Please enter Username or Password  </left>"."</strong>";
  }
  else
    {
    $sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
    $result=@mysql_query($sql) or die(mysql_error()); 

    $count= mysql_num_rows($result);
    echo "$count";
    if($count==1)
       {
            $sql = mysql_query("SELECT role FROM users WHERE username='$username' AND password='$password'");
            while($info = @mysql_fetch_array($sql))
            {
                if($info['role']=='Super Admin')
                {
                    @header('location: [url]http://localhost/Project/Superadmin.php');[/url]
                } 
                else if($info['role']=='Admin')
                {
                    @header('location: [url]http://localhost/Project/Admin.php');[/url]
                } 
                else if($info['role']=='User')
                {
                    @header("location: http://localhost/Project/User.php");
                } 
            }    
        
        } 
        else 
        {
            echo "<strong style='color:#FF3333'>Incorrect User Name OR Password</strong>";
        }
      
}
}
?>

hi

Your query will come like

"$sql="SELECT * FROM users WHERE username='".$username."' AND password='".$password."'";

Please try with this one and let me know if still any problem comes

Hiiee

Use This Query

$sql="SELECT * FROM users WHERE username="'.$username.'" AND password="'.$password.'" ";

InStead Of This

$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";

Check & Let Me Know If U Find Anything Else.

Do It For All Queries In Ur File. That Will Work.

Thanks.
ScmSimplyBest

Do one thing ,

echo you $sql variable in your script then write die(); so when you run code you will see that query only.

Now take that query and run it in PHPMYADMIN and check is it right or your get result from same ??

may be you can get some idea wheres the problem is ?

Best luck..