hai i am new to php. i am getting this as error

---You have an error in your SQL syntax; check the manual that corresponds to your MySQL---
can anyone tel wher is the error. Thank u..!!

<html>
<body>
<form action="login.php" method="post">
<div>
<table width="100%">
    <tr>
        <td><img src="Logofinalcopy.gif"></td>
    </tr>
    <tr>
        <td bgcolor="aqua"><h2>Login</h2></td>
    </tr></table>
<table align="right" style="width:40%">
    <br>
    <tr>
       <td>Username:</td>
       <td><input type="text" name="username"></td>
    </tr>
    <tr>
       <td>Password:</td>
       <td><input type="password" name="password"></td>
    </tr>
    <tr>
        <td align="CENTER" COLSPAN="4">
        <input TYPE="SUBMIT" name="submit" value="Login">
        <input TYPE="reset" name="submit" value="clear"></td>
    </tr>
</table>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
    $con = mysql_connect("10.70.1.50","invensis","invensis");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    $con=mysql_select_db("database_myproject");
    if (!$con)
    {
        die('Could not connect DB: ' . mysql_error());
    }

    $username=$_POST['username'];
    $password=$_POST['password'];
    $Username = stripslashes($username);
    $Password = stripslashes($password);
    $Username = mysql_real_escape_string($username);
    $Password = mysql_real_escape_string($password);
    $flag="OK";  
    $msg=""; 
    if(strlen($Username) < 1)
    {
        $msg=$msg."Please enter the username<br>";
        $flag="NOTOK"; 
    }
    if(strlen($Password) < 1)
    {
        $msg=$msg."Please enter the password<br>";
        $flag="NOTOK";  
    }
    if($flag <>"OK")
    {
       echo "<br><br><br><br><br><strong style='color:#FF3333'>"."<right>Please enter Username/Password <br></right>"."</strong>";                                                                                                                                }  
    else
    {
        $sql="SELECT * FROM Users WHERE Username='$Username' and Password='$Password'";        
        $result=mysql_query($sql) or die(mysql_error()); 
        $count=mysql_num_rows($result);          
        if($count==1)
        {                    
            $sql1 =mysql_query("SELECT Role FROM Users WHERE Username='$Username' and Password='$Password'");
            while($info = mysql_fetch_array($sql1))
            $info['Role'];   
            {
                if($info['Role']== '0')
                {
                    @header("location: http://localhost//Project/Superadmin.php");
                } 
                else if($info['Role']== '1')
                {
                    @header("location: http://localhost//Project/Admin.php");
                } 
                else if($info['Role']== '2')
                {
                    @header("location: http://localhost//Project/User.php");
                } 
            }   

        }
        else 
        {
            echo "<br><br><br><br><br><strong style='color:#FF3333'><left>Incorrect UserName OR Password</left></strong>";
        }

    }
}
?>

both queries seem fine to me, can you post the entire error message?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #30' at line 1

both queries seem fine to me, can you post the entire error message?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #30' at line 1

when do you get this error?
the query causing the error is not in the code you posted, perhaps it's in one of those files "superadmin.php", "admin.php", "user.php"

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.