I have been looking at this code for some time and just can not figure anything wron with it.
My Error Message is: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /hsphere/local/home/gwthorn/htpsinc-web.com/York_County/login.php on line 13
I commeted 13
<?php
session_start();
//The fields are censored but the database does connect.
mysql_connect("-censored-","-censored-","-censored");
mysql_select_db("-censored-");
if(isset($_POST['login'])) {
$username = htmlspecialchars($_POST['username'], ENT_QUOTES);
$password = htmlspecialchars($_POST['password'], ENT_QUOTES);
$password = md5($password);
$sql = mysql_query("SELECT * FROM user_system WHERE username='$username' AND password='$password'");
if(mysql_num_rows($sql)>0) { //!!!!!!!!!!!!!!!!!!!!!!!!Line 13
$_SESSION['auth'] = true;
setcookie("avxsystem_user",$username,time()+30*30*30*30*365);
setcookie("avxsystem_pass",$password,time()+30*30*30*30*365);
echo "<p>Login Successful</p>";
}
else {
echo "<p>Sorry, you are unable to login because you have got your username/password combination wrong. Please check spelling & try again.";
}
}
else {
echo $message;
}
?>