0

MYSQL QUERY

 <?php

 $host="******** "; // Host name 
  $username="lurnn"; // Mysql username 
  $password="Bondurant14!"; // Mysql password 
  $db_name="lurnn"; // Database name 
    $tbl_name="teachers"; // Table name 

    / / Connect to server and select databse.
    mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
   mysql_select_db("$db_name")or die("cannot select DB");

    // username and password sent from form 
     $myusername=$_POST['myusername']; 
       $mypassword=$_POST['mypassword']; 

     // To protect MySQL injection (more detail about MySQL injection)
     $myusername = stripslashes($myusername);
      $mypassword = stripslashes($mypassword);
      $myusername = mysql_real_escape_string($myusername);
      $mypassword = mysql_real_escape_string($mypassword);


   $sql = "SELECT * FROM $teachers WHERE username='myusername' and password='mypassword';"; 
   $result=mysql_query($sql);

   // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);

    // If result matched $myusername and $mypassword, table row must be 1 row
    if($count==1){

     // Register $myusername, $mypassword and redirect to file "login_success.php"
      session_register("myusername");
       session_register("mypassword"); 
       header("location:login_success.php");
         }
          else {
         echo "Wrong Username or Password";
          }

           ?>

ERROR MESSAGE I'M RECEIVING:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/content/88/10880688/html/checklogin.php on line 27 Wrong Username or PasswordYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE username='mattmclaren@gmail.com' and password='bondurant14'' at line 1

Matthieu McLaren
  • 224
  • 1
  • 4
  • 13

2 Answers2

1

You have to submit the form, what you are doing is using an anchor tag. On clicking the anchor tag the form doesn't submit values but instead tell the browser to follow the location. Which in your case is checklogin.php.

use 

<input type="submit" name="submit">

instead of 

<a class="btn-glow primary signup" input type="submit" name="submit" value="login" href="checklogin.php">Sign up</a>

Also if you want to submit the form on clicking the anchor tag you can use javascript.

Nouphal.M
  • 6,320
  • 1
  • 15
  • 27
  • Made change, still getting following error: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/content/88/10880688/html/checklogin.php on line 26 Wrong Username or Password – Matthieu McLaren Feb 05 '14 at 06:12
  • mysql_* functions are deprecated as of PHP 5.5, So if you have just started use PDO or mysqli instead. The problem is mysql_query return `FALSE` on failure try printing the query and see for any errors or you could use `mysql_error` to see what is the error. – Nouphal.M Feb 05 '14 at 06:20
  • Okay so I tried mysql_error and got this back: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/content/88/10880688/html/checklogin.php on line 27 Wrong Username or PasswordYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE username='mattrmclaren@gmail.com' and password='bondurant14'' at line 1. Still not making sense to me. That username and password is in the database. What is the issue? – Matthieu McLaren Feb 05 '14 at 06:43
  • can you show me the complete query – Nouphal.M Feb 05 '14 at 06:51
  • The complete query is above. Thanks for your help. – Matthieu McLaren Feb 05 '14 at 15:24
0

Try this in your PHP code:

$sql = "SELECT * FROM $tbl_name WHERE username='" . $myusername . "' and password='" . $mypassword . "';";

This might solve the problem.

Rahul Desai
  • 14,618
  • 18
  • 81
  • 134
  • Made change still get this error: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/content/88/10880688/html/checklogin.php on line 27 Wrong Username or PasswordUnknown column 'username' in 'where clause' – Matthieu McLaren Feb 05 '14 at 06:37
  • Try replacing this query with actual values, just for checking. EDIT: Make sure the values are surrounded by single quotes. – Rahul Desai Feb 05 '14 at 06:41
  • How would I go about doing that? – Matthieu McLaren Feb 05 '14 at 06:45
  • @MattMcLaren: `$sql = "SELECT * FROM $tbl_name WHERE username='the_username' and password='the_password';";` – Rahul Desai Feb 05 '14 at 07:35
  • See above. Just MYSQL query now. – Matthieu McLaren Feb 05 '14 at 15:20
  • @MattMcLaren I dont know if that query is correct. What I am trying to say is that you put the "actual" username and password as in your database and check if the query works. – Rahul Desai Feb 06 '14 at 03:34
  • I did put the username and password in the database and the query still doesn't work. The error I'm getting now, after some adjustment, is: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com and password=bondurant14' at line 1 – Matthieu McLaren Feb 06 '14 at 03:41
  • You can check out lurnn.com for yourself. I've been working on this for two days it's ridiculous. I'm used to mySQL I haven't coded in a while and now everyone is saying mySQL has been deprecated. – Matthieu McLaren Feb 06 '14 at 03:42