Authenticating a User Against a MySQL Table

[jrp91384]

Hi, I’m trying to authenticate a user against a MySQL database and get the following errors. Note, I’m a beginner in the early stages and this is script from a book I’m reading. Any help would be greatly appreciated!
Thank you…

My Errors:
Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in C:\xampp\htdocs\test\passwordtest2.php on line 27

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\test\passwordtest2.php on line 30

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\test\passwordtest2.php:27) in C:\xampp\htdocs\test\passwordtest2.php on line 6

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\test\passwordtest2.php:27) in C:\xampp\htdocs\test\passwordtest2.php on line 7


My Database:
authenticationtest

My authentication table settings are as follows:
rowID TINYINT UNSIGNED NOT NULL AUTO_INCREMENT,
commonname VARCHAR(35) NOT NULL,
username VARCHAR(9) NOT NULL,
pswd VARCHAR(32) NOT NULL,
PRIMARY KEY(rowID));

My php code is as follows (with the exception of my username and password):
<?php
/* Because the authentication prompt needs to be invoked twice,
embed it within a function.
*/
function authenticate_user() {
header('WWW-Authenticate: Basic realm="Secret Stash"');
header("HTTP/1.0 401 Unauthorized");
exit;
}

/* If $_SERVER['PHP_AUTH_USER'] is blank, the user has not yet been prompted for
the authentication information.
*/
if (! isset($_SERVER['PHP_AUTH_USER'])) {
authenticate_user();
} else {
// Connect to the MySQL database by entering the MySQL server, username, and password. Also enter the db on next line.
$conn = mysql_connect("localhost", "myusername", "mypassword");

$db = mysql_select_db("authenticationtest");

// Create and execute the selection query.
$query = "SELECT username, pswd FROM userauth
WHERE username='$_SERVER[PHP_AUTH_USER]' AND
pswd=md5('$_SERVER[PHP_AUTH_PW]')";

$result = mysql_query($conn, $query);

// If nothing was found, reprompt the user for the login information.
if (mysql_num_rows($result) == 0) {
authenticate_user();
}
else {
echo "Welcome to the Authentication Test!";
}
}
?>

[Xnuiem]

$result = mysql_query($conn, $query);

should be

$result = mysql_query($query, $conn);

PHP: mysql_query - Manual

[jrp91384]

Quote:

Originally Posted by Xnuiem

$result = mysql_query($conn, $query);

should be

$result = mysql_query($query, $conn);

PHP: mysql_query - Manual

I switched it to: $result = mysql_query($query, $conn);
but when logging in it will not accept the username and password and goes directly to a blank page on the third attempt.
Any suggestions?

[prafulkr]

use
ob_start()

for output buffering. So warning 3 and 4 will be omitted .
and for 1 and 2 because your query does not fetch any row so this warning appears on screen.

you just print your query on browser and run that query in data base. You got your result.