loonie35 Posted December 22, 2008 Share Posted December 22, 2008 whats the problem?[error]Warning: mysql_result(): supplied argument is not a valid MySQL result resource in C:\AppServ\www\sludinajumi\admin\index.php on line 10[/error] <?phprequire("../include/config.php");if(isset($_POST['user'])){ $user = quote_smart($_POST['user']); $password = quote_smart(md5($_POST['password'])); $result = mysql_query("SELECT COUNT(*) FROM users_yoy WHERE user = $user AND password = $password"); if(mysql_result($result,0,'COUNT(*)') > 0) { $_SESSION['ieligojies'] = 1; }}?><form method="post" action=""><table><tr><td>User:</td><td><input type="text" name="user"></td></tr><tr><td>Password:</td><td><input type="password" name="password"></td></tr><tr><td></td><td><input type="submit" value="Ieiet"></td></tr></table></form> in db all is right. Link to comment Share on other sites More sharing options...
jeffman Posted December 22, 2008 Share Posted December 22, 2008 mysql_query() is returning false, which you should be checking before doing anything with its return result.So why is it returning false? A possibility: do you have a quote_smart() function in your include file or anywhere else attached to this code? It's not built-in, but a lot of samples out there refer to such a function. You just need to have one.But why would you quote_smart an MD5 return value anyway? Or a username?It's also possible mysql_query() produced no results because the username and/or password were incorrect. Link to comment Share on other sites More sharing options...
deboni Posted December 23, 2008 Share Posted December 23, 2008 have you tried this way? $result = mysql_query("SELECT COUNT(*) FROM users_yoy WHERE user = '$user' AND password = password('$password')"); just in case the password (as it's supposed) was entered as hashed password.regardsregards Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.