Hey guys,This is a simple issue I'm sure, however I'm having one hell of a
time seeing my way clear of it. I appreciate any support you guys could
throw my way.
So I'm trying to set up a small website that includes a store (
www.rareintaglio.com), i have all of my HTML hammed out and now I'm working
on creating an admin login for the sites owner to input data from a back
end. I have it set up so that he goes to /adminlogin.php, enters his info
and gains access to the back end of the website using Session variables
(valid vs. invalid) however i keep getting this reply when i try to run the
script:
Results: SELECT * FROM adminlog WHARE username = 'gourmet28e' AND password =
'*******'
Query failed: Query was empty
here's the /adminlogin script:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<?php
session_start ;
?>
<head>
<link rel="stylesheet" type="text/css" href="intaglio.css" />
<title></title>
<meta http-equiv="content-type" content="text/html;charset=UTF-8" />
</head>
<body><center>
<div id="body">
<div id="header"></div>
<div id="navbody">
<div id="nav">
<ul>
<li><a href="/index.html">Home</a></li>
<li><a href="/shop.html">Store</a></li>
<li><a href="/about.html">About</a></li>
</ul>
</div>
</div>
<div id="cbody">
<?php
if ($_SESSION['user'] == invalid)
{
echo 'Invalid Username or Password, please try again';
}
if ($_SESSION['user'] == valid)
{
header ("Location: http://www.rareintaglio.com/member.php";);
}
?>
<form method="post" action="/session.php">
<table border="0">
<tr><td>Admin Name: </td></tr>
<tr><td><input type="text" name="username" size="30" maxlength="20"/>
</td></tr>
<tr><td>Password:</td></tr>
<tr><td><input type="password" name="password" size="30" maxlength="20"/>
</td></tr>
<tr><td><input type="submit" value="Login" /> </td></tr>
</table>
</div>
<div id="footer"><p>All Pages and Images Copyright @ 2009, Devour.tv Ltd.
All Rights Reserved</p></div>
</body>
</html>
and /session.php goes a little like:
<?php
$host="Rareintag.db.4159106.hostedresource.com"; // Host name
$username="Rareintag"; // Mysql username
$password="**********"; // Mysql password
$db_name="Rareintag"; // Database name
$tbl_name="adminlog"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$username=$_POST['username'];
$password=$_POST['password'];
$qury = "SELECT * FROM adminlog WHARE username = '$username' AND password =
'$password'";
echo '<br />';
echo "Query: " . $query;
echo '<br />';
echo "Results: " . $result;
echo $qury;
echo '<br />';
$result = mysql_query($query) or die('Query failed: ' . mysql_error());
if($result == 0){
$_SESSION['user'] = invalid ;
header("Location: http://www.rareintaglio.com/adminlogin.php";);
}
else
{
$_SESSION['user'] = valid ;
header("Location: http://www.rareintaglio.com/members.php";);
}
?>
However as I mentioned above i keep getting an error,
does anyone know where I took a wrong turn?
Thanks,
Watson
