Hi, i need help to solve this case, I'm trying to create login forms, and i got errors it said
"mysql_num_rows() expects parameter 1 to be resource, boolean given in line 18.
i can't figure out what this mean and how to solve it. here is code, please see line 18 in bold where it said
$count=mysql_num_rows($result);
Code:
ob_start();
// Connect to server and select databse.
include ('conn.php');
// Define $myusername and $mypassword
$myusername=$_POST['username'];
$mypassword=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM `members` WHERE username='$myusername' and password='$mypassword'";
//echo $sql;
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
echo $myusername;
$_SESSION['myusername'] = $myusername;
//header("location:login_success.php");
}
else {
echo "";
//header("location:index.php?a='failed'");
}
ob_flush();
?>
can anyone help me what to write that code to solve this, because I'm still not get it.
It means the query failed for some reason and returned a Boolean false instead of a query result resource. Therefore you need to debug your query and also consider adding some defensive coding, so that you only call mysql_num_rows() if the query did not fail (i.e. is not false).
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
You might try running the query in phpMyadmin to make sure the query returns the right data. Is the conn.php connecting ok?
It is not a good practice to store the password in a readable format. It is best to encrypt the password. That way if your site is hacked the passwords will not be stolen along with usernames. When encrypted you just re-encrypt the login and compare encrypted to encrypted.
Reply With Quote
Bookmarks