php/mysql error

Nothing yet, it's gonna be reviews on tech stuff, forum, possibly blog. I've got a lot of ideas that I need to sort out.
 
I have two suggestions...
http://uk.php.net/manual/en/function.mysql-num-rows.php
Code:
<?php

$link = mysql_connect("localhost", "mysql_user", "mysql_password");
mysql_select_db("database", $link);

$result = mysql_query("SELECT * FROM table1", $link);
$num_rows = mysql_num_rows($result);

echo "$num_rows Rows\n";

?>

I think the connecting string to the database might be wrong.
Try changing the commenting part of your script.
Code:
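if ($submit) {
    // $conn is the connection handle; pass it to the later mysql_* calls.
    $conn = mysql_connect($host, $db_username, $db_password);
    $db = mysql_select_db($db_name, $conn) or
        print ("We are currently having troubles with the database.  Sorry for the inconvenience.  Please try again later.");

    // Escape the submitted values before they go into the SQL string, and
    // compare with = rather than LIKE so % and _ are not treated as wildcards.
    $safe_user = mysql_real_escape_string($username, $conn);
    $safe_pass = mysql_real_escape_string($password, $conn);
    $query = "SELECT * FROM login WHERE username = '$safe_user' AND password = '$safe_pass'";
    $result = mysql_query($query, $conn);
    // mysql_num_rows() takes only the result resource.
    $numrow = mysql_num_rows($result);

    if ($numrow == 1) {
        // Encode the name before echoing it back into the page.
        print ("You have successfully logged in as " . htmlspecialchars($username));
    } else {
        print ("There has been no account found under this name.  Please check for spelling and try again.");
    }
} else {
    echo("Please Log-In to continue...<br>
    <form method=\"post\" action=\"login.php\">
    <input type=\"text\" name=\"username\" /><br>
    <input type=\"password\" name=\"password\" /><br>
    <input type=\"submit\" value=\"submit\" name=\"submit\" />
    </form>
    ");
}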
The variable $conn is a pointer to the database connection, and needs to be included when selecting the database. $db is a pointer to the selected database on the server (though I'm not sure about that one, as I've not used it in my second suggestion).

The second suggestion is a different way of looking at the situation.
Code:
<?php
// Read the submitted values, defaulting to empty strings on the first visit.
$uname = isset($_POST['uname']) ? $_POST['uname'] : '';
$pass = isset($_POST['pwd']) ? $_POST['pwd'] : '';

$myServer = "localhost";
$myUser = "xxx";
$myPass = "xxx";
$myDB = "database";
$s = @mssql_connect($myServer, $myUser, $myPass)
    or die("Couldn't connect to SQL Server on $myServer");

$d = @mssql_select_db($myDB, $s)
    or die("Couldn't open database $myDB");

// Connect to the database, check the password/username combination and get permissions.
// The mssql extension has no escape function, so double any single quotes
// before the values are placed inside the SQL string literals.
$safeUname = str_replace("'", "''", $uname);
$safePass = str_replace("'", "''", $pass);
$query = "SELECT * from users where username = '$safeUname' and password = '$safePass'";
$result = mssql_query($query, $s);

// Usernames are unique, so this loop body runs at most once.
while ($row = mssql_fetch_array($result)) {
    $permissions = $row["permissions"];

    session_start();
    $_SESSION['user_name'] = $uname;
    $_SESSION['permission'] = $permissions;
}

if ((isset($_SESSION['user_name'])) && (isset($_SESSION['permission']))) {
    // Encode the name before echoing it back into the page.
    echo "<br>you have successfully logged in as: " . htmlspecialchars($_SESSION['user_name']);
    echo '<br><br><br><a href="default.php">If you are not redirected automatically please follow this link</a>';
} else {
    echo 'You did not log in successfully please try again.

<form method=post action=login.php>
<input type="text" name="uname" id="uname"><br>
<input type="password" name="pwd" id="pwd"><br>
<input type="submit" value="Log In">
</form>
<BR><BR>
Alternatively, if you haven\'t got a log in name you can <a href=applymember.php>apply for membership.</a>
';
}
?>
You make sure that there is only one instance of each username on registration, so you can afford to ignore that (if $num_rows = "1") statement, because a user either exists (with one instance) or doesn't exist (with no instances).
When the user logs on they have a permission selected from a database (this would be checked to find out what actions they can perform, e.g. user or admin), and if the user exists, the permission level and the username are stored in a session variable.

Session variables are server side, so the user does not have to have cookies. Also, storing the permission level (and any other useful information) will reduce the amount of database queries needed (and help improve performance).

Hope this helps...
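
Added example, not part of the thread or the posters' code: the same username/password check written with a PDO prepared statement and `password_hash()`/`password_verify()`, so submitted values are bound as data and only a hash is stored. The `users` table layout, the in-memory SQLite database and the sample account are assumptions constructed for the example.

```php
<?php
// Returns the user's permission string on success, null on failure.
function check_login(PDO $db, string $uname, string $pass): ?string
{
    // Placeholder binding: the driver sends $uname as data, never as SQL text.
    $stmt = $db->prepare('SELECT pw_hash, permissions FROM users WHERE username = ?');
    $stmt->execute([$uname]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash when the user is unknown so both paths
    // do comparable work.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('placeholder', PASSWORD_DEFAULT);
    $ok = password_verify($pass, $row ? $row['pw_hash'] : $dummy);

    return ($row && $ok) ? $row['permissions'] : null;
}

// In-memory SQLite stands in for the real server so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT, permissions TEXT)');

// Registration side (constructed account): store a hash, never the password itself.
$ins = $db->prepare('INSERT INTO users VALUES (?, ?, ?)');
$ins->execute(["o'neil", password_hash('correct horse', PASSWORD_DEFAULT), 'admin']);

// Constructed login attempts: [username, password].
$attempts = [
    ["o'neil", 'correct horse'],    // valid; the apostrophe is plain data
    ["o'neil", 'wrong password'],   // known user, wrong password
    ['nobody', 'correct horse'],    // unknown user
];
foreach ($attempts as [$u, $p]) {
    $perm = check_login($db, $u, $p);
    if ($perm !== null) {
        // On a real page: session_start(); session_regenerate_id(true);
        // then store $u and $perm in $_SESSION as in the post above.
        echo "$u: logged in with permission $perm\n";
    } else {
        echo "$u: login failed\n";
    }
}
```

The `PRIMARY KEY` on `username` enforces the one-row-per-username rule the post relies on, so the function only ever has zero or one row to check.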
 