Hello, I have a bit of explaining to do so please bare with me. I am developing the backend of a site and it has a log in feature. I have separated all of the functions of the whole back end into classes: clients, users, ads, database, and security.
I am having a problem with the login function in the security class. When I have it run, it gives me the following warning: "Warning: mysql_query() expects parameter 2 to be resource, null given in database.inc.php on line 25" Then when I go to the home page again it does not redirect (as it is supposed to do in the code), so it tells me that the warning is stopping it from logging in.
The lines of code for that are: (in security.inc.php)
class security extends database{
var $logged = false; // Boolean (ture/false) to tell if user is logged in or not.
var $userData;
function __construct(){
session_start();
header("Cache-control: private"); // Tells the user's browser to not cache their password.
// Check to see if the session exists
if(!isset($_SESSION['userID']) && !isset($_SESSION['username'])){
if(strpos(curPageURL(),'index.php') != false){ // If it is the homepage, it will give you access, because the HP will just put the login form up.
}else{
header("Location: /administration/index.php");
exit();
}
}
}
function login($user,$pass,$successURL = '', $failureURL = ''){
$ePass = $this->encryptPass($pass);
$lUser = strtolower($user);
$getUser = $this->query("SELECT * FROM users WHERE username = '$lUser' AND password = '$ePass' LIMIT 1") or die(mysql_error());
I think it is the last line in the above code that is the problem.
The relevant code for the database class is: (in database.inc.php)
class database{
var $link;
var $host;
var $user;
var $pass;
var $db;
function __construct(){
$this->host = 'HOST';
$this->user = 'USERNAME';
$this->pass = 'PASSWORD';
$this->db = 'DATABASE';
$this->link = mysql_connect($this->host,$this->user,$this->pass);
mysql_select_db($this->db);
}
## Query DB ##
function query($query){
return mysql_query($query,$this->link);
}
Any help would be greatly appreciated!
Thank you in advance.
P.S. If any more information is needed, please ask.