0

Hello, I've been using a book to learn php, and when I try to make it work for my own use, there seems to be an error when I try to login. First it says that the log in is invalid, and it comes up with this warning message:

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\wamp\www\loginsite\login.php on line 25

if (!empty($user_username) && !empty($user_password)) {
        // Look up the username and password in the database
        $query = "SELECT user_id, username FROM mismatch_user WHERE username = '$user_username' AND password = SHA('$user_password')";
        $data = mysqli_query($dbc, $query);

//below is line 25 of code
        if (mysqli_num_rows($data) == 1) {
          // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
          $row = mysqli_fetch_array($data);
          $_SESSION['user_id'] = $row['user_id'];

I can post more code if I need to

Thanks

Edited by phouse512: n/a

6
Contributors
13
Replies
14
Views
7 Years
Discussion Span
Last Post by phouse512
Featured Replies
  • [QUOTE=ardav;1033547][CODE]$data = mysqli_query($dbc, $query);[/CODE] Should this be: [CODE]$data = mysqli_query($query, $dbc);[/CODE] Having not used mysqli - I can't comment, but I think the first parameter should be the query, then the connection link identifier.[/QUOTE] Nope, for some reason they swapped them for mysqli, although if no connection is specified, it … Read More

0

Okay usually I use supressants on mysqli_num_rows as if there is 0 rows it will return this error.

Try running a query that you know deffinetly exists in your database.

0

Froger93: I don't understand what you really mean. Could you explain a little more?

Network18: I tried replacing the line with what you did, but I still got two errors this time:

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\wamp\www\loginsite\login.php on line 25

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\Program Files\wamp\www\loginsite\login.php on line 25
But they appear to be the same.

EDIT: I fixed the error because of a stupid mistake, but now, I still can't login, when I inputed the username/password myself using MySQL console.

Edited by phouse512: n/a

0

Mine and networks solutions do the same thing but make sure you use the @ infront of the num_rows functions incase the query didn't return any rows, this is most likely happening because the query didn't return any results.

As I said before try inputing data into the form that you know really does exist in your database.

0

I tried what you just said, but it still does not work. To show you, here is the data for the database, but I don't know why it won't work:

mysql> select * FROM login;
+---------+---------------+-------------+--------+
| user_id | username | password | name |
+---------+---------------+-------------+--------+
| 1 | phouse512 | ---------- | Philip |
| 2 | admin | admin | admin|
+---------+---------------+-------------+--------+
2 rows in set (0.00 sec)

Here's the login code:

<?php
  require_once('connectvars.php');

  // Start the session
  session_start();

  // Clear the error message
  $error_msg = "";

  // If the user isn't logged in, try to log them in
  if (!isset($_SESSION['user_id'])) {
    if (isset($_POST['submit'])) {
      // Connect to the database
      $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

      // Grab the user-entered log-in data
      $user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
      $user_password = mysqli_real_escape_string($dbc, trim($_POST['password']));

      if (!empty($user_username) && !empty($user_password)) {
        // Look up the username and password in the database
        $query = "SELECT user_id, username FROM login WHERE username = '$user_username' AND password = SHA('$user_password')";
        $data = mysqli_query($dbc, $query);

        if (@mysqli_num_rows($data) == 1) {
          // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
          $row = mysqli_fetch_array($data);
          $_SESSION['user_id'] = $row['user_id'];
          $_SESSION['username'] = $row['username'];
          setcookie('user_id', $row['user_id'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
          setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
          $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
          header('Location: ' . $home_url);
        }
        else {
          // The username/password are incorrect so set an error message
          $error_msg = 'Sorry, you must enter a valid username and password to log in.';
        }
      }
      else {
        // The username/password weren't entered so set an error message
        $error_msg = 'Sorry, you must enter your username and password to log in.';
      }
    }
  }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>Mismatch - Log In</title>
  <link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
  <h3>Mismatch - Log In</h3>

<?php
  // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
  if (empty($_SESSION['user_id'])) {
    echo '<p class="error">' . $error_msg . '</p>';
?>

  <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <fieldset>
      <legend>Log In</legend>
      <label for="username">Username:</label>
      <input type="text" name="username" value="<?php if (!empty($user_username)) echo $user_username; ?>" /><br />
      <label for="password">Password:</label>
      <input type="password" name="password" />
    </fieldset>
    <input type="submit" value="Log In" name="submit" />
  </form>

<?php
  }
  else {
    // Confirm the successful log-in
    echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '.</p>');
  }
?>

</body>
</html>
0
$data = mysqli_query($dbc, $query);

Should this be:

$data = mysqli_query($query, $dbc);

Having not used mysqli - I can't comment, but I think the first parameter should be the query, then the connection link identifier.

1
$data = mysqli_query($dbc, $query);

Should this be:

$data = mysqli_query($query, $dbc);

Having not used mysqli - I can't comment, but I think the first parameter should be the query, then the connection link identifier.

Nope, for some reason they swapped them for mysqli, although if no connection is specified, it will default to that last connection that was established I believe. :)
http://www.php.net/manual/en/mysqli.query.php

Votes + Comments
Thanks Will - didn't know that
0

Rather than:

$data = mysqli_query($dbc, $query);

Try this:

if (!$data = mysqli_query($dbc, $query)) {
    printf("Error message: %s\n", mysqli_error($dbc));
}

It should throw an error in the SQL statement.

0

Do you have phpMyAdmin?

If you do, copy the query from your script and run it directly in there.

You say 'It still didn't work', do you mean it does exactly the same, or are you getting additional/different errors after changing the code?

0

Sorry, I was in a hurry

But I added the ifthen statement that you had, but I'm still getting the 'enter a valid password and username' error. I do have phpMyAdmin, so do you mean to do something like this:

SELECT user_id, username FROM login WHERE username = '$user_username' AND password = SHA('$user_password')

EDIT: I see where I messed up, in the example there is the SHA encryption, but its not encrypted in the database. So I fixed it now

Edited by phouse512: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.