"Query was empty"...

[AliHurworth]

Hi,
I have a script to fetch data from mysql into PHP.

I've logged in a user, using first and second names which are sent as session variables.
I then need to confirm he/she has admin rights, which is recorded in a field on the database.

So the PHP looks like this:

PHP Code:

<?php
session_start();
if((!$_SESSION["first_name"])&&(!$_SESSION["second_name"])){
header("location:login.php");
}
//DB login
    require_once('mysql_login.php');
    $query = "SELECT * FROM cast WHERE fname='$_SESSION[first_name]' and sname='$_SESSION[second_name]'";
    $result=mysql_query($sql) or die(mysql_error());
$newArray = mysql_fetch_array($result);
$level = $newArray['role'];
if ($level=="admin")    {
echo "Sorry, you need to be an admin to access this page";
}
?>

...which is returning a "query was empty" message.

The variables were registered on a different login page as:

PHP Code:

$myfirstname=$_POST['myfirstname'];
$mysecondname=$_POST['mysecondname'];
$_SESSION[first_name] = $myfirstname;
$_SESSION[second_name] = $mysecondname; 


Hints or pointers - all appreciated!

[monarch_684]

What is this line referencing:

PHP Code:

$result=mysql_query($sql) or die(mysql_error()); 


I think it should read:

PHP Code:

$result=mysql_query($query) or die(mysql_error());