divinedesigns1 Posted June 24, 2012 Share Posted June 24, 2012 ok i keep getting this error Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\TINCS 2012 Edit\login.php on line 40 [/i][i] $errorMsg = '';$user = '';$pass = '';$remember = '';if (isset($_POST['username'])) { $user = $_POST['username']; $pass = $_POST['password']; if (isset($_POST['remember'])) { $remember = $_POST['remember']; } $email = stripslashes($user); $pass = stripslashes($pass); $email = strip_tags($user); $pass = strip_tags($pass); // error handling conditional checks go here if ((!$user) || (!$pass)) { [/i][i] $errorMsg = 'Please fill in both fields';[/i][i] } else { $con = mysql_connect($dbhost, $dbuser, $dbpass, $dbname); $user = mysql_real_escape_string($user); //$pass = mysql_real_escape_string($pass); $pass = md5($pass); [/i][i] $sql = mysql_query("SELECT * FROM user WHERE email='$user' AND password='$pass'"); $login_check = mysql_num_rows($sql);[/i][i] the above code is a old one i had laying around Link to comment Share on other sites More sharing options...
boen_robot Posted June 24, 2012 Share Posted June 24, 2012 Check if "SELECT * FROM user WHERE email='$user' AND password='$pass'" results in what you think it does. Then, use mysql_error() to find out the actual error message. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 25, 2012 Author Share Posted June 25, 2012 Check if "SELECT * FROM user WHERE email='$user' AND password='$pass'" results in what you think it does. Then, use mysql_error() to find out the actual error message.ok ill do that, and sorry for the late reply Link to comment Share on other sites More sharing options...
rootKID Posted June 25, 2012 Share Posted June 25, 2012 just echo it on the page orr use a print_r() with post/get... depends on what you use ... Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 25, 2012 Author Share Posted June 25, 2012 that didnt fix it either Link to comment Share on other sites More sharing options...
birbal Posted June 25, 2012 Share Posted June 25, 2012 can you post your latest codes? what does the error saying? what boen suggested wont solve the problem itself it will tell the reason of failing. you have to act upon that error. Link to comment Share on other sites More sharing options...
Guest So Called Posted June 25, 2012 Share Posted June 25, 2012 (edited) You should test those resources before just blindly using them: $con = mysql_connect($dbhost, $dbuser, $dbpass, $dbname);if (!$con) echo 'connect error';... Wouldn't surprise me if your database connect failed. Edited June 25, 2012 by So Called Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 25, 2012 Author Share Posted June 25, 2012 You should test those resources before just blindly using them: $con = mysql_connect($dbhost, $dbuser, $dbpass, $dbname);if (!$con) echo 'connect error';... Wouldn't surprise me if your database connect failed. question: do you have a problem with me?and my database connection is connecting perfectly fine Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 25, 2012 Author Share Posted June 25, 2012 this is my latest code session_start();error_reporting(E_ALL);ini_set('display_errors', '1');$errorMsg = '';$username = '';$password = '';$remember = '';print_r($_POST);if (isset($_POST['username'])) {$username = $_POST['username'];$password = $_POST['password'];if (isset($_POST['remember'])) { $remember = $_POST['remember'];}$username = stripslashes($username);$password = stripslashes($password);$username = strip_tags($username);$password = strip_tags($password);// error handling conditional checks go hereif ((!$username) || (!$password)) { $errorMsg = 'Please fill in both fields';} else { $con = mysql_connect($dbhost, $dbuser, $dbpass, $dbname); $username = mysql_real_escape_string($username); //$password = mysql_real_escape_string($password); // After we connect, we secure the string before adding to query $password = md5($password); // Add MD5 Hash to the password variable they supplied after filtering it // Make the SQL query $sql = "SELECT * FROM user WHERE username='$username' AND password='$password'";$result = mysql_query($sql); $login_check = mysql_num_rows($con, $result); // If login check number is greater than 0 (meaning they do exist and are activated) if($login_check > 0){ while($row = mysql_fetch_array($result)){ $id = $row["id"]; $_SESSION['id'] = $id; // Create the idx session var $_SESSION['idx'] = base64_encode("g4p3h9xfn8sq03hs2234$id"); // Create session var for their username $username = $row["username"]; $_SESSION['username'] = $username; // Create session var for their email $username = $row["username"]; $_SESSION['username'] = $username; // Create session var for their password $userpass = $row["password"]; $_SESSION['password'] = $password; mysql_query("UPDATE user SET last_log_date=now() WHERE id='$id' LIMIT 1"); } // close while // Remember Me Section if($remember == "yes"){ $encryptedID = base64_encode("g4enm2c0c4y3dn3727553$id"); setcookie("idCookie", $encryptedID, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days setcookie("passCookie", $password, time()+60*60*24*100, "/"); // Cookie set to expire in about 30 days } // All good they are logged in, send them to homepage then exit script header("location:index.php"); exit(); } else { // Run this code if they do not exist $errorMsg = "no No NO!!! Try Again!!<br /> Username or Password Is Incorrect!!!"; } }}?> Link to comment Share on other sites More sharing options...
justsomeguy Posted June 25, 2012 Share Posted June 25, 2012 Don't use MD5, ever, for anything. At a minimum use SHA-1, preferably use SHA-512. There's no reason to use MD5. It would also be preferable to salt your passwords or use a library like PHPass to help with passwords. Other than that, is the code working? Link to comment Share on other sites More sharing options...
thescientist Posted June 25, 2012 Share Posted June 25, 2012 question: do you have a problem with me?and my database connection is connecting perfectly fine This issue comes up a lot around here. The function is expecting a result resource, and if doesn't get one, you get the error you are seeing. Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\TINCS 2012 Edit\login.php on line 40 The next logical step is to work back to where that result resource came from, which is here$sql = mysql_query("SELECT * FROM user WHERE email='$user' AND password='$pass'"); if you read the documentation, you will find that if there was an error, you won't get a result resource, you will get false. http://php.net/manual/en/function.mysql-query.php False is a boolean, which is exactly what the error is telling you. At this point, you need to start and debug each step, from the connection to the DB, to the query. Nothing in your code indicates that any of these are definitely working, as you have no error handling or debugging in place. There is no reason for you or us to expect your code is just "working" because you say it is. Link to comment Share on other sites More sharing options...
Guest So Called Posted June 25, 2012 Share Posted June 25, 2012 question: do you have a problem with me?and my database connection is connecting perfectly fineMaybe I missed the part of your code where you checked to see if the connection was valid. I didn't see it. If you don't test it then you have no way of knowing if the connection attempt was successful. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 26, 2012 Author Share Posted June 26, 2012 Don't use MD5, ever, for anything. At a minimum use SHA-1, preferably use SHA-512. There's no reason to use MD5. It would also be preferable to salt your passwords or use a library like PHPass to help with passwords. Other than that, is the code working?yeah the code is working, its just the mysql_num_rows errors im getting. This issue comes up a lot around here. The function is expecting a result resource, and if doesn't get one, you get the error you are seeing. The next logical step is to work back to where that result resource came from, which is here$sql = mysql_query("SELECT * FROM user WHERE email='$user' AND password='$pass'"); if you read the documentation, you will find that if there was an error, you won't get a result resource, you will get false. http://php.net/manua...mysql-query.php False is a boolean, which is exactly what the error is telling you. At this point, you need to start and debug each step, from the connection to the DB, to the query. Nothing in your code indicates that any of these are definitely working, as you have no error handling or debugging in place. There is no reason for you or us to expect your code is just "working" because you say it is. the below code was changed,$sql = mysql_query("SELECT * FROM user WHERE email='$user' AND password='$pass'"); also the connection to the database is working perfectly fine, since im using the same connections for other scripts, which is working fine also. but ill take a look at the document you provided Link to comment Share on other sites More sharing options...
thescientist Posted June 26, 2012 Share Posted June 26, 2012 you should really start at the root of the problem, which is coming from mysql_query, and error check it as has been exampled to you. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 26, 2012 Author Share Posted June 26, 2012 you should really start at the root of the problem, which is coming from mysql_query, and error check it as has been exampled to you.yes, i will be doing so, i was just responsing to ya'll suggestions and comments Link to comment Share on other sites More sharing options...
divinedesigns1 Posted June 26, 2012 Author Share Posted June 26, 2012 error fixed, query was wrong, and when i was responsing i didnt had my other pc with me, since my host is slow so i use this pc for all test scripting Link to comment Share on other sites More sharing options...
boen_robot Posted June 30, 2012 Share Posted June 30, 2012 question: do you have a problem with me?I'm pretty sure he doesn't. He's just experienced. It looks exactly the same. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now