Trouble with PHP MySQL code

August 3rd, 2008, 6:23 pm

I am having trouble with some code and i haven't had this problem before. i cant figure out the problem.

Code: [ Download ] [ Select ]

<?php
//check user against global database

$email=$_GET['email'];
$password=$_GET['password'];

$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("users", $con);

$result = mysql_query("SELECT * FROM users WHERE email='".$email."'");

while($row = mysql_fetch_array($result))
{
    $username=$row['username'];
}
mysql_close($con);

//check user against individual database

$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db($username, $con);

$result = mysql_query("SELECT * FROM details WHERE password='".$password."'");

while($row = mysql_fetch_array($result))
{
echo "Logged in";
}
mysql_close($con);

?>

1. <?php
2. //check user against global database
4. $email=$_GET['email'];
5. $password=$_GET['password'];
7. $con = mysql_connect("localhost","root","");
8. if (!$con)
9. {
10. die('Could not connect: ' . mysql_error());
11. }
13. mysql_select_db("users", $con);
15. $result = mysql_query("SELECT * FROM users WHERE email='".$email."'");
17. while($row = mysql_fetch_array($result))
18. {
19.     $username=$row['username'];
20. }
21. mysql_close($con);
23. //check user against individual database
25. $con = mysql_connect("localhost","root","");
26. if (!$con)
27. {
28. die('Could not connect: ' . mysql_error());
29. }
31. mysql_select_db($username, $con);
33. $result = mysql_query("SELECT * FROM details WHERE password='".$password."'");
35. while($row = mysql_fetch_array($result))
36. {
37. echo "Logged in";
38. }
39. mysql_close($con);
41. ?>

Thanks in advance

August 3rd, 2008, 6:26 pm

Some more info, all the database, table and field names are existing and correct. all the fields contain test data as well.

[spork]

August 3rd, 2008, 6:44 pm

What's the problem?

August 3rd, 2008, 6:58 pm

Oh crud, i can be a (richard cranium)sometimes.

Code: [ Download ] [ Select ]

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\partyprowl.com\includes\login.php on line 35

Sorry

[spork]

August 3rd, 2008, 7:08 pm

Richard Cranium

There's probably something wrong with your SQL query. Try replacing this

PHP Code: [ Download ] [ Select ]

$result = mysql_query("SELECT * FROM users WHERE email='".$email."'");

with this

PHP Code: [ Download ] [ Select ]

$result = mysql_query("SELECT * FROM users WHERE email='".$email."'");
 
if( $result === false ) {
   die(mysql_error());
}

1. $result = mysql_query("SELECT * FROM users WHERE email='".$email."'");
2.  
3. if( $result === false ) {
4.    die(mysql_error());
5. }

That should spit out any MySQL errors that happen during the query and provide some insight into the problem.

August 3rd, 2008, 7:14 pm

I just tried that

Code: [ Download ] [ Select ]

<?php
//check user against global database

$email=$_GET['email'];
$password=$_GET['password'];

$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("users", $con);

$result = mysql_query("SELECT * FROM users WHERE email='".$email."'");

if( $result === false ) {
    die(mysql_error());
}

while($row = mysql_fetch_array($result))
{
    $username=$row['username'];
}
mysql_close($con);

//check user against individual database

$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db($username, $con);

$result = mysql_query("SELECT * FROM details WHERE password='".$password."'");

while($row = mysql_fetch_array($result))
{
echo "Logged in";
}
mysql_close($con);

?>

1. <?php
2. //check user against global database
4. $email=$_GET['email'];
5. $password=$_GET['password'];
7. $con = mysql_connect("localhost","root","");
8. if (!$con)
9. {
10. die('Could not connect: ' . mysql_error());
11. }
13. mysql_select_db("users", $con);
15. $result = mysql_query("SELECT * FROM users WHERE email='".$email."'");
17. if( $result === false ) {
18.     die(mysql_error());
19. }
21. while($row = mysql_fetch_array($result))
22. {
23.     $username=$row['username'];
24. }
25. mysql_close($con);
27. //check user against individual database
29. $con = mysql_connect("localhost","root","");
30. if (!$con)
31. {
32. die('Could not connect: ' . mysql_error());
33. }
35. mysql_select_db($username, $con);
37. $result = mysql_query("SELECT * FROM details WHERE password='".$password."'");
39. while($row = mysql_fetch_array($result))
40. {
41. echo "Logged in";
42. }
43. mysql_close($con);
45. ?>

I got the same error.

Code: [ Download ] [ Select ]

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\partyprowl.com\includes\login.php on line 39

August 3rd, 2008, 8:40 pm

Thanks for the help i figured it out...i was using post in the form to send the data and $_GET in the php to catch it. So there was no data. I should have been using $_POST.
Thanks for you help tho.

[spork]

August 3rd, 2008, 9:25 pm

No problem, glad you got it figured it out.

[righteous_trespasser]

August 4th, 2008, 12:11 am

Just a quick thing though ... it seems like that thing might log the wrong people in ... because this part:

Code: [ Download ] [ Select ]

$result = mysql_query("SELECT * FROM details WHERE password='".$password."'");
while($row = mysql_fetch_array($result))
{
echo "Logged in";
}
mysql_close($con);

1. $result = mysql_query("SELECT * FROM details WHERE password='".$password."'");
2. while($row = mysql_fetch_array($result))
3. {
4. echo "Logged in";
5. }
6. mysql_close($con);

chooses where the password is equal to the one typed in, but I could just type in a wrong password, and maybe I used someone else's password ... Or it could return more than one row ... and it's just going to log that user in either way ...

I would just rather change the query to something like:

Code: [ Download ] [ Select ]

"SELECT * FROM details WHERE password='".$password."' AND username='".$username."'"

That way if it does return a row it is the correct one ...

August 7th, 2008, 5:22 pm

Um yeah it checks the database for a user match first and if the user exists it then checks the database for a matching password. It had to be set up this way because each user has their own database. So for it to work it checks the user name on a global database and if the user exists it checks their password on their user specific database.
Thanks tho.