Please can someone help me to solve the error below: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/adminLogin.php on line 20 My php file is below <?php include 'db.php'; if(!isset($_POST['Submit'])) { echo""; } else { $username=@$_POST['username']; $password=@$_POST['password']; if(empty($username) or empty($password)) { echo"<script>alert('Please supply username/password')</script>"; } else { $query=mysql_query("Select user_id,username,password from `admin` where username='$username' and password='$username'"); $query1=mysql_fetch_array($query); $user=$query1['username']; $pass=$query1['password']; $user_id=$query1['user_id']; if($username==$user and $password==$pass) { session_register($username); session_register($password); header("Location:admin.php?id=$user_id"); } else { echo"<script>alert('Invalid username/password !! Please check information')</script>"; } } }
Your query is failing; Change this line: $query=mysql_query("Select user_id,username,password from `admin` where username='$username' and password='$username'"); Code (markup): to $query=mysql_query("Select user_id,username,password from `admin` where username='$username' and password='$username'") or die(mysql_error()); Code (markup): On a different note, your code is pretty dangerous as it allows for sql injection attacks on your site... You need to add mysql_real_escape_string() around the variables you are passing to the SQL query, you should make the $user_id be part of the session just like the username and password instead of pulling it from the URI, and I'm not sure why a successful login does a redirect when all other actions are returning javascript elements...