Hello all,
I have searched this forum to find the answer to my question however none of the answers seem relevant so here we go:

I am building a member service however when coding the login.php script, I keep coming across this error:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /(DIRECTORY)/login.php on line 67

The code in question is:

<?php
					if ($_POST['submit-login'])
{
	$user_retrieve = mysql_query("SELECT * FROM `users` WHERE
	`username` = '" . mysql_escape_string($_POST['username']) . "' &&
	`password` = '" . mysql_escape_string(md5(SALT_KEY .
	$_POST['password'] . SALT_KEY)) . "'");
	
	if (mysql_num_rows($user_retrieve))
	{
		$ur = mysql_fetch_array($user_retrieve);
		$session_retrieve = mysql_query("SELECT * FROM `user_sessions`
		WHERE `session_id` = '" .
		mysql_escape_string($_COOKIE['PHPSESSID']) . "' && `ip_address` = '" .
		mysql_escape_string($_SERVER["REMOTE_ADDR"]) . "'");
		if (mysql_num_rows($session_retrieve))
		{
			echo "You are already logged in. <a href='members-area.php'>Click Here</a>";
		}
			else
		{
		if (empty($_COOKIE['PHPSESSID']))
		{
		echo "Unknown Error, Please try enabling cookies.";
		}else{
			$create_session = mysql_query("INSERT into `user_sessions` (session_id, ip_address, uid) values ('".mysql_escape_string($_COOKIE['PHPSESSID'])."', '" . mysql_escape_string($_SERVER["REMOTE_ADDR"]) . "', '" . mysql_escape_string($ur['id']) . "');");
			echo "You have successfully logged in. <a href='members-area.php'>Click Here</a>";
		}
		}
		}
		else
		{			echo "Invalid Username or Password.";
		}
	}
?>

with this at the start of the document:

<?php
session_start();
include ("configuration.php");
?>

and configuration.php is set up correctly.

Could someone please help me with the problem and explain why the error is appearing as I am moderately new to php and would like to learn from my mistake.

Thanks!

post both files here configuration.php and index.php

Debug your code with echo.
echo both select script and run it in phpmyadmin.
Post what you are getting.

<?php
					if ($_POST['submit-login'])
{
	$sql = "SELECT * FROM `users` WHERE
	`username` = '" . mysql_escape_string($_POST['username']) . "' &&
	`password` = '" . mysql_escape_string(md5(SALT_KEY .	$_POST['password'] . SALT_KEY)) . "'";
	echo 'First Query : <br> :'.$sql;
	
	$user_retrieve = mysql_query($sql);
	
	if (mysql_num_rows($user_retrieve))
	{
		$ur = mysql_fetch_array($user_retrieve);
		$sql = "SELECT * FROM `user_sessions` WHERE `session_id` = '".mysql_escape_string($_COOKIE['PHPSESSID'])."' && `ip_address` = '".mysql_escape_string($_SERVER["REMOTE_ADDR"])."'";
		echo 'Second Query : <br> :'.$sql;
		exit;
		
		$session_retrieve = mysql_query($sql);
		if (mysql_num_rows($session_retrieve))
		{
			echo "You are already logged in. <a href='members-area.php'>Click Here</a>";
		}
			else
		{
		if (empty($_COOKIE['PHPSESSID']))
		{
		echo "Unknown Error, Please try enabling cookies.";
		}else{
			$create_session = mysql_query("INSERT into `user_sessions` (session_id, ip_address, uid) values ('".mysql_escape_string($_COOKIE['PHPSESSID'])."', '" . mysql_escape_string($_SERVER["REMOTE_ADDR"]) . "', '" . mysql_escape_string($ur['id']) . "');");
			echo "You have successfully logged in. <a href='members-area.php'>Click Here</a>";
		}
		}
		}
		else
		{			echo "Invalid Username or Password.";
		}
	}
?>

In which line in the above code you tot this error? 9 or 16

I wasn't aware you could use && in SQL queries (see line 14). Change it to AND instead.

Also, you say you searched the forum; the first post in this forum (at the top of the page tackles the same issue), and searching for the exact title of your post found half a dozen matches. Did you read through these?

Turns out I had mistakenly named 'ip_address' when it should have been 'ip'. Problem solved. Thankyou all!