I have this code and when i try run it i got a menssage"PHP Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\AppServ\www\bla bla bla.......... on line 15

i will thankfull if anybody can help me
------------

<?php
session_start();

if ($userid && $password)
{
// si el usuario ha intentado hacer log in

$db_conn=mysql_connect("localhost","root","mysql");
mysql_select_db('proyecto',$db_conn);
$query="select * from auth"          
       ."where name='$userid'"
       ."and pass=password('$password')";
$result=mysql_query($query,$db_conn);
if (mysql_num_rows($result)>0)                         //     <-----  THIS IS THE LINE 15
{
// si estan en la base de datos registra la id de usuario
$valid_user=$userid;
session_register("valid_user");
}
}
?>
<html>
<body>
<h1>Página Inicio</h1>

<?php
if (session_is_registered("valid_user"))
{
echo "Ahora estas logged in como: $valid_user <br>";
echo "<a href=\"logout.php\">Log out</a><br>";
}
else
{
if(isset($userid))
{
// si han intentado hacer login y ha fallado
echo "No has podido hacer login";
}
else 
{
// si no han intentado hacer login o han hecho logged out
echo "Ahora estas logged out.<br>";
}

// provee el formulario para hacer log in
echo "<form method=post action=\"authmain.php\">";
echo "<table>";                                                  
echo "<tr><td>Userid:</td>";
echo "<td><input type=text name=userid> </td></tr>";
echo "<tr><td>Contraseña:</td>";
echo "<td><input type=password name=password> </td></tr>";
echo "<tr><td colspan=2 aling=center>";
echo "<input type=submit value=\"Log in\"> <td></tr>";
echo "</table></form>";
}
?>
<br>
<a href="members_only.php">Sección de Miembros</a>
</body>
</html>

if (mysql_num_rows($result)>0)

change it to this:

if (mysql_num_rows($result) != 0)

if you need to check, when there is no record

if (mysql_num_rows($result) != 0)
{
/* your code goes here */
}
else
{
print "there is no record";
}

I don't know y u r gating warning but as I see u code there is no problem.u just try to use an alternativ way for this try to use
$query="select count(*) from auth"
."where name='$userid'"
."and pass=password('$password')";

while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
printf("UserID: %s Password: %s", $row[0], $row[1]);
}


for the same purpus i right some code which was as follow

if($row = mysql_fetch_array($result))
            {
                
                header('Location: wellcome.php');
            }
            else
            {    
                $message='Invalid User or Password';                
            }

what is thet there??

."and pass=password('$password')";

guess it should be:
."and pass='$password'";

your code work with me in this way

$query="select * from auth where name='" . $userid . "' and pass='" . $password . "')";

i continous with the same problem, maybe, the problem is in another place.

Hello,

Change the following:

$result=mysql_query($query,$db_conn);

to

$result=mysql_query($query,$db_conn) or die(mysql_error());

Now you should see where the problem is :-)

Regards,

Kevin Dougans

Hello,

Change the following:

$result=mysql_query($query,$db_conn);

to

$result=mysql_query($query,$db_conn) or die(mysql_error());

Now you should see where the problem is :-)

Regards,

Kevin Dougans

it has no sense

it has no sense

Yes it does... because the PHP has just told him that $result is not a valid php/mysql response.

My fix will tell him where the problem is, which almost certainly is in his SQL statement. For example the password field may actually be called "pword" instead of "password" and thats why it can't return a valid result.

You have a problem in the way your query string is written (because of the way you wrote it, you missed some spaces, between auth and where and between '$userid' and and:

$query="select * from auth" 
."where name='$userid'"
."and pass=password('$password')";

this query is, in fact, this:

$query="select * from authwhere name='$userid'and pass=password('$password')";

which, obviously, is wrong;
And the part with the password is probably wrong: it should probably be pass='$password'

So, try this query in your script:

$query="select * from auth where name='$userid' and pass='$password'";

Since you don't escape the userid and password variables, you are also in trouble if any of them contains a ' or " or # and maybe other special characters.

Also, from the way your script looks, it seems to me that you are using register_globals = on. This is very bad. Set it to off and get your post variables like this:

$userid = $_POST['userid'];
$password = $_POST['password'];
This article has been dead for over six months. Start a new discussion instead.