Hey guys,This is a simple issue I'm sure, however I'm having one hell of a
time seeing my way clear of it. I appreciate any support you guys could
throw my way.

So I'm trying to set up a small website that includes a store (
www.rareintaglio.com), i have all of my HTML hammed out and now I'm working
on creating an admin login for the sites owner to input data from a back
end. I have it set up so that he goes to /adminlogin.php, enters his info
and gains access to the back end of the website using Session variables
(valid vs. invalid) however i keep getting this reply when i try to run the

Results: SELECT * FROM adminlog WHARE username = 'gourmet28e' AND password =
Query failed: Query was empty
here's the /adminlogin script:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

  session_start ;

<link rel="stylesheet" type="text/css" href="intaglio.css" />
  <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
<div id="body">
 <div id="header"></div>
 <div id="navbody">
 <div id="nav">
  <li><a href="/index.html">Home</a></li>
  <li><a href="/shop.html">Store</a></li>
  <li><a href="/about.html">About</a></li>
 <div id="cbody">


 if ($_SESSION['user'] == invalid)
echo 'Invalid Username or Password, please try again';
if ($_SESSION['user'] == valid)
header ("Location: http://www.rareintaglio.com/member.php";);
 <form method="post" action="/session.php">
   <table border="0">
<tr><td>Admin Name: </td></tr>
   <tr><td><input type="text" name="username" size="30" maxlength="20"/>
<tr><td><input type="password" name="password" size="30" maxlength="20"/>
<tr><td><input type="submit" value="Login" />  </td></tr>
<div id="footer"><p>All Pages and Images Copyright @ 2009, Devour.tv Ltd.
All Rights Reserved</p></div>

and /session.php goes a little like:
$host="Rareintag.db.4159106.hostedresource.com"; // Host name
$username="Rareintag"; // Mysql username
$password="**********"; // Mysql password
$db_name="Rareintag"; // Database name
$tbl_name="adminlog"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$qury = "SELECT * FROM adminlog WHARE username = '$username' AND password =
echo '<br />';
echo "Query: " . $query;
echo '<br />';
echo "Results: " . $result;
echo $qury;
echo '<br />';
$result = mysql_query($query) or die('Query failed: ' . mysql_error());

if($result == 0){
$_SESSION['user'] = invalid ;
header("Location: http://www.rareintaglio.com/adminlogin.php";);
$_SESSION['user'] = valid  ;
header("Location: http://www.rareintaglio.com/members.php";);

However as I mentioned above i keep getting an error,
does anyone know where I took a wrong turn?

Reply via email to