Page 1 of 1

Register and Login (User Account System) PHP Error

Posted: Thu May 24, 2012 3:03 am
by kosakriszi
Hello, I was following you on your quest through your "Register and Login (User Account System)" tutorial when I stumbled upon an error:

------------------------------------------------------------------------------------------------------------------------------------------------------
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/login/core/inc/user.inc.php on line 9

Warning: Cannot modify header information - headers already sent by (output started at /var/www/login/core/inc/user.inc.php:9) in /var/www/login/register.php on line 27
------------------------------------------------------------------------------------------------------------------------------------------------------

If I comment out the mysql_result() function, then the header error disappears.

Here is my code for my files:

register.php:
------------------------------------------------------------------------------------------------------------------------------------------------------
include('core/init.inc.php');

if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])) {
   if (empty($_POST['username'])) {
       $errors[] = 'The username cannot be empty!';
   }

   if (empty($_POST['password']) || empty($_POST['repeat_password'])) {
       $errors[] = 'The password cannot be empty!';
   }

   if ($_POST['password'] !== $_POST['repeat_password']) {
       $errors[] = 'Password verification failed!';
   }

   if (user_exists($_POST['username'])) {
       $errors[] = 'That username has been taken!';
   }

   if (empty($errors)) {
       add_user($_POST['username'], $_POST['password']);

       $_SESSION['username'] = htmlentities($_POST['username']);

       header('Location: success.php');

       die();
   }
}
------------------------------------------------------------------------------------------------------------------------------------------------------

init.inc.php:
------------------------------------------------------------------------------------------------------------------------------------------------------
session_start();

$exceptions = array('register', 'login');

$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);

if (in_array($page, $exceptions) === false) {
       if (isset($_SESSION['username']) === false) {
               header('Location: login.php');
               die();
       }
}

mysql_connect('127.0.0.1', 'root', 'Valid');
mysql_select_db('user_system');

include("inc/user.inc.php");
------------------------------------------------------------------------------------------------------------------------------------------------------

user.inc.php:
------------------------------------------------------------------------------------------------------------------------------------------------------
// checks if given username exists in database
function user_exists($user) {
       $user = mysql_real_escape_string($user);

       $total = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE
'user_name' = '{$user}'");

   return (mysql_result($total, 0) == '1') ? true : false;
}

// checks if given username and password combo is valid
function valid_credentials($user, $pass) {
       $user = mysql_real_escape_string($user);
       $pass = sha1($pass);

       $total = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'");

       return (mysql_result($total, 0) == '1') ? true : false;
}

// adds user to database
function add_user($user, $pass) {
       $user = mysql_real_escape_string(htmlentities($user));
       $pass = sha1($pass);

       mysql_query("INSERT INTO 'users' ('user_name', 'user_password')
VALUES ('{$user}', '{$pass}')");
}
------------------------------------------------------------------------------------------------------------------------------------------------------

If you could give any help, that would be much appreciated!

Thank you,
Krisztián

Re: Register and Login (User Account System) PHP Error

Posted: Thu May 24, 2012 9:42 pm
by Temor
Hello. The error is in your SQL statement. Adding
echo mysql_error();
under your failing query will tell you what is wrong 9½ times out of 10. In this case you're using the wrong signs around the row and table names.
This line:
 $total = mysql_query("SELECT COUNT('user_id') FROM 'users' WHERE
'user_name' = '{$user}'");
Should look like this:
 $total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE
`user_name` = '{$user}'");
A row or table name surrounded by single quotes ( ' ) will be treated as a string or a variable. Use backticks ( ` ) instead.

Re: Register and Login (User Account System) PHP Error

Posted: Fri May 25, 2012 1:19 am
by kosakriszi
Thank you so much, I couldn't tell the difference between them on the video (Stupid 480p). That makes a lot more sense! :D

Re: Register and Login (User Account System) PHP Error

Posted: Fri May 25, 2012 11:05 am
by jacek
kosakriszi wrote:Thank you so much, I couldn't tell the difference between them on the video (Stupid 480p). That makes a lot more sense! :D
I always mean to mention it and always end up forgetting :(