0

I'm running the following code, but everything it gives me the following errors. I've read several articles on SO, still no use. The error I'm getting is:

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/xyz/public_html/13/beta/signup.php on line 49
Warning: Cannot modify header information - headers already sent by (output started at /home/xyz/public_html/13/beta/signup.php:49) in /home/xyz/public_html/13/beta/signup.php on line 69

My PHP script:(I've marked the lines 49 & 69)

if(isset($_POST['submit'])&&$_POST['submit']=='Login')
{
    $err = array();
    if(!$_POST['username'] || !$_POST['pass'])
        $err[] = 'All the fields must be filled in!';

    if(!count($err))
    {
        $_POST['username'] = mysql_real_escape_string($_POST['username']);
        $_POST['pass'] = mysql_real_escape_string($_POST['pass']);
        $_POST['remember'] = (int)$_POST['remember'];

        $row = mysql_fetch_assoc(mysql_query("SELECT id,user,email,clg FROM users WHERE user='{$_POST['username']}' AND pass='".md5($_POST['pass'])."'"));-->line 49

        if($row['user'])
        {

            $_SESSION['user']=$row['user'];
            $_SESSION['id'] = $row['id'];
            $_SESSION['clg'] = $row['clg'];
            $_SESSION['email'] = $row['email'];
            $_SESSION['remember'] = $_POST['remember'];
            setcookie('tcookie',$_POST['remember']);
            header("Location: index.php");
            exit;
        }
        else $err[]='Wrong username and/or password!';
    }

    if($err)
    $_SESSION['msg']['login-err'] = implode('<br />',$err);

    header("Location: signup.php");-->line 69
    exit;
}
Improve this question
1
  • Don't md5() something that has already been through mysql_real_escape_string(). Commented Jan 14, 2013 at 7:20

3 Answers 3

Reset to default
5

Your mysql_query function is returning an error, instead of a result. Try:

$res = mysql_query("SELECT id,user,email,clg FROM users WHERE user='{$_POST['username']}' AND pass='".md5($_POST['pass'])."'");
if ($res === false) {
    echo mysql_error();
    die;
}
$row = mysql_fetch_assoc($res);

This will help you get the error information.

Once that error is gone, you'll probably find that the 'headers already send error' disappears too, it's a consequence of something already being printed to the output (possibly an error message).

Update: For your 'No database selected' error, you need to use mysql_select_db($databasename); before you use mysql_query(). Otherwise, mysql has no idea which database you're trying to query.

Also, you may want to look into using PDO, it's another way of accessing MySQL databases, and it's heaps more secure and a bit easier to use (IMO).

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

you need to add mysql_select_db($databasename); before you use mysql_query().
1

Check if you executed mysql_connect properly and have a valid connection to a MySQL Server before doing mysql_query. BTW, Fabian Tamp is right about PDO. Also mysqli extension is better then mysql. It is faster and more stable.

Improve this answer

Comments

0

try to delete the espace after the colon in line 69.

Improve this answer

1 Comment

There's nothing wrong a space between the header name and value.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.