<?php session_start();?><html xmlns="http://www.w3.org/1999/xhtml"><head><LINK href="includes/css/style.css" rel="stylesheet" type="text/css"><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Login</title></head><body><?php include('header.php');include("dbsettings.php"); $link= 'mysql_connect("$host", "$username", "$password")or die("cannot connect")'; mysql_select_db("$db_name")or die("cannot select DB"); $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $sql="SELECT id FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'"; $result=mysql_query($sql); if(mysql_num_rows($result) == 1) { $row = mysql_fetch_array($result); $user_id= $row['id']; $sessid= session_id(); $sql = "INSERT INTO sessions (session_id, user_id) VALUES ('$sessid', '$user_id')"; echo "<hr>debug sql: " . $sql . "<hr>\n"; if(!mysql_query($sql)){ mysql_errno($link) } else echo '<META HTTP-EQUIV="Refresh" Content="4; URL=account.php">'; $sql="SELECT activesession FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'"; $result=mysql_query($sql); if(mysql_num_rows($result) == 1) if($row['session_id']==1) {echo "You are already logged in...Redirecting to your account";echo '<META HTTP-EQUIV="Refresh" Content="4; URL=account.php">'; exit(); } ?><div id="loginsuccess"><div class="cntr">Please be Patient, we are logging you in. <br /><img src="includes/image/ajax-loader.gif" alt="ajax-loader.gif" width="43" height="11" /></div></div></body></html> PHP:
LOL you are so funny, how can we know what line 32 is? Please save your html page with line endings!! (open the file with wordpad.exe (from winhooz) and save it) then try to paste the content here and describe what line 32 is!
Try this: <?php session_start();?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <LINK href="includes/css/style.css" rel="stylesheet" type="text/css"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> </head> <body> <?php include('header.php'); include("dbsettings.php"); $link= 'mysql_connect("$host", "$username", "$password")or die("cannot connect")'; mysql_select_db("$db_name")or die("cannot select DB"); $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $sql="SELECT id FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'"; $result=mysql_query($sql); if(mysql_num_rows($result) == 1) { $row = mysql_fetch_array($result); $user_id= $row['id']; $sessid= session_id(); $sql = "INSERT INTO sessions (session_id, user_id) VALUES ('$sessid', '$user_id')"; echo "<hr>debug sql: " . $sql . "<hr>\n"; } $result = mysql_query($sql); if (mysql_errno($link)) { echo '<META HTTP-EQUIV="Refresh" Content="4; URL=account.php">'; $sql="SELECT activesession FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'"; $result=mysql_query($sql); } if(mysql_num_rows($result) == 1) { if($row['session_id']==1) { echo "You are already logged in...Redirecting to your account"; echo '<META HTTP-EQUIV="Refresh" Content="4; URL=account.php">'; exit(); } } ?> <div id="loginsuccess"> <div class="cntr">Please be Patient, we are logging you in. <br /> <img src="includes/image/ajax-loader.gif" alt="ajax-loader.gif" width="43" height="11" /></div> </div> </body> </html> PHP:
you didn't closed the open curly bracket of this if statement.. if(mysql_num_rows($result) == 1) { PHP: