Errors - Need Help

I am getting the following errors:


Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/habat/public_html/housekeeping/login_system/login.php on line 24

Warning: Cannot modify header information - headers already sent by (output started at /home/habat/public_html/housekeeping/login_system/login.php:24) in /home/habat/public_html/housekeeping/login_system/login.php on line 26

Here is the code that it is coming from:

elseif($act == "auth") //if our page action = auth
{
  $user = $_POST['user']; //pulls the username from the form
  $pw = $_POST['pass']; //pulls the pass from the form
  $pass = md5($pw); //makes our password an md5
  include("includes/connect.php"); //connects to our mysql database
  $login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); //selects info from our table if the row has the same user and pass that our form does
  if(!mysql_num_rows($login)) //if the username and pass are wrong
  {
        header("Location: login.php");  //redirects to our login page
        die(); //stops the page from going any further
  }

The second error is related to the first; the output from the first error is sending HTML Headers.

The first error is occuring because your query is failing. Try this.


  $sql = "SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`";
  echo $sql;
  $login = mysql_query($sql); //selects info from our table if the row has the same user and pass that our form does
  echo mysql_error();
  if(!mysql_num_rows($login)) //if the username and pass are wrong

SELECT * FROM users WHERE user = ‘Bobby’ AND pass = ‘9c48ab74ee99a2d90482b3af2a2c1aecYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''9c48ab74ee99a2d90482b3af2a2c1aec’ at line 1
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/habat/public_html/housekeeping/login_system/login.php on line 27

Warning: Cannot modify header information - headers already sent by (output started at /home/habat/public_html/housekeeping/login_system/login.php:24) in /home/habat/public_html/housekeeping/login_system/login.php on line 29

Does that help any better? Thanks so much for your help.

Yup. Take a -reeeeeeal- close look at your query…

$sql = "SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass[COLOR="Red"]`[/COLOR]";

I spy with my little eye a backtick that should be a quotation mark…

Thank you so much for that.

I still get this error though. It is the first error. What might it be caused from?

Warning: Cannot modify header information - headers already sent by (output started at /home/habat/public_html/housekeeping/login_system/login.php:24) in /home/habat/public_html/housekeeping/login_system/login.php on line 29

Warning: Cannot modify header information - headers already sent by (output started at /home/habat/public_html/housekeeping/login_system/login.php:24)

Line 24 would be…

include(“includes/connect.php”);

So is there something in that file that sends output?

if(!mysql_num_rows($login)) //if the username and pass are wrong
{
header(“Location: login.php”); //redirects to our login page
die(); //stops the page from going any further
}

So, do I just remove one?

Well if your include needs to send output, what you could do is


echo "<script type='text/javascript'>window.location = 'login.php'</script>";
die();

Which will use javascript to bounce the user on, rather than a header.

I replaced the one with the code in both of the files, and when I replaced it in login.php, it gave me errors, and when I replaced it in protect.php, it just refreshed the page.

“it gave me errors”.

Care to elaborate, or shall i just guess blindly what they were and try and solve them? :stuck_out_tongue_winking_eye:

If I replace it in login.php, it gave me the same error:

Warning: Cannot modify header information - headers already sent by (output started at /home/habat/public_html/housekeeping/login_system/protect.php:6) in /home/habat/public_html/housekeeping/login_system/protect.php on line 8

However, if I replaced it in protect.php, whenever I tried to login, it just refreshed the page and didn’t log me in.

well what’s protect.php lines 5-8?

You can only ever send headers once - what sends headers?
header()
session_start()* (doesnt send headers but must be executed prior to headers being sent, so i include it here)
any echo, print, etc
any white space or characters outside of <?php ?> blocks.

Here is my login.php code:

&lt;?php 
$act = $_GET['act']; //retrives the page action
if(empty($act)) //if there is no action
{
  echo('&lt;form action="login.php?act=auth" method="post" name="loginform" id="loginform"&gt;
  &lt;p&gt;Username
  &lt;input type="text" name="user"&gt;
  &lt;/p&gt;
  &lt;p&gt;Password
  &lt;input type="password" name="pass"&gt;
  &lt;/p&gt;
  &lt;p&gt;
  &lt;input type="submit" name="Submit" value="Login"&gt;
  &lt;/p&gt;
  &lt;/form&gt;');
}
elseif($act == "auth") //if our page action = auth
{
  $user = $_POST['user'];
  $pw = $_POST['pass']; 
  $pass = md5($pw); 
  include("includes/connect.php"); 
  $sql = "SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass'"; 
  $login = mysql_query($sql);
  echo mysql_error();
  if(!mysql_num_rows($login)) 
  {
        header("Location: login.php"); 
        die(); 
  }
  else
  {
        setcookie("user", $user, time()+3600);//sets our user cookie
                setcookie("pass", $pass, time()+3600);//sets our pass cookie
                header("Location: housekeeping.php");
  } 
}
?&gt;

Here is my protect.php code:

&lt;?php
$user = $_COOKIE['user']; 
$pass = $_COOKIE['pass']; 
include("includes/connect.php"); 
$login = mysql_query("SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass`"); 
if(!mysql_num_rows($login)) 
{
  header("Location: login.php");  
  die();
}
?&gt;

I see where the both headers are directing towards login.php, I just do not know how to fix that issue

try adding an entry in the db table and try executing the query. probably the table contains 0 rows and this creates the problem. there is some config to suppress the warning, but not sure what the config is…