Soldato
Ok basically i have adapted some code from tutorials for a protoype but i cannot for the life of me get this login form to work.
i get this error
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/futuret7/public_html/breakdownapp.co.uk/checklogin.php on line 26
Here is my login .php
and here is my checklogin.php
i get this error
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/futuret7/public_html/breakdownapp.co.uk/checklogin.php on line 26
Here is my login .php
Code:
<!DOCTYPE html>
<html>
<head>
<title>RSA Breakdown Assistance</title>
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.0a4.1/jquery.mobile-1.0a4.1.min.css" />
<script src="http://code.jquery.com/jquery-1.5.2.min.js"></script>
<script src="http://code.jquery.com/mobile/1.0a4.1/jquery.mobile-1.0a4.1.min.js"></script>
<style>.ui-page { z-index: 1}
.ui-header { z-index: 10 }
.ui-header * { z-index: 20 }
</style>
</head>
<body>
<div data-role="page" id="login">
<div data-role="header" data-position="fixed" data-theme="b">
<h1>RSA Location Finder Login</h1>
<a href="" data-icon="refresh" data-theme="a" data-iconpos="notext" class="ui-btn-right"></a>
</div><!-- /header -->
<div data-role="content" data-theme="b">
<form action="checklogin.php" method="post" data-ajax="false" > <div data-role="fieldcontain" >
<label for="myusername">Membership Number:</label>
<input type="text" name="myusername" id="myusername" value="" />
</div>
<div data-role="fieldcontain">
<label for="mypassword">Password Input:</label>
<input type="password" name="mypassword" id="mypassword" value="" />
<input id="Submit1" type="submit" value="Login" data-role="button" data-inline="true" />
</form>
</div>
</div>
<div data-role="footer" data-theme="b" data-position="fixed"><a href="#bar"data-rel="dialog" data-transition="slideup" data-role="button" data-icon="arrow-u">Help</a>
</div><!-- /footer --><!-- /page -->
</body>
</html>
and here is my checklogin.php
Code:
<?php
$host="localhost"; // Host name
$username="XXXXXr"; // Mysql username
$password="XXXXX"; // Mysql password
$db_name="XXXX"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>