Okay so i have to make a signup form and i have pretty much everything finished but i keep getting this error Warning: mysql_num_rows() expects parameter 1 to be resource. I keep getting this error on my $checkUserQuery & $checkEmailQuery and don't know how to fix it. Any Suggestions?

    $db_name = "htmldb";
    $tbl_name = "phplogin";

    //connect to database
    $conn = mysql_connect("localhost","root","");

    //post back to database and checks userName 
    //and email for no duplicates in database
        $first = $_POST['firstName'];
        $last = $_POST['lastName'];
        $user = $_POST['userName'];
        $pass = $_POST['p'];
        $email = $_POST['email'];
        $checkUserQuery = mysql_query("SELECT * FROM $tbl_name WHERE userName = '$user'"); 
        $checkEmailQuery = mysql_query("SELECT * FROM $tbl_name WHERE email = '$email'");

        if(!$first OR !$last OR !$user OR !$pass OR !$email)
            echo("Error: Please make sure all fields are filled out!");
        elseif(mysql_num_rows($checkUserQuery) > 0)
            echo("Error: Username already exists!");
        elseif(mysql_num_rows($checkEmailQuery) > 0)
            echo("Error: E-mail Address has already been used please user another one!");
            $query = mysql_query("INSERT INTO phplogin
            echo("Sign Up Successful!");
5 Years
Discussion Span
Last Post by broj1

Well that's probably because something has gone wrong while executing your query. Try adding OR exit(mysql_error()) to your query lines, so that it would become, for example:

$checkUserQuery = mysql_query("SELECT * FROM $tbl_name WHERE userName = '$user'") OR exit(mysql_error());

$checkEmailQuery = mysql_query("SELECT * FROM $tbl_name WHERE email = '$email'") OR exit(mysql_error());

And see if that returns any errors.

Also you might want to consider escaping user-input by using mysql_real_escape_string(). For example:

$first = mysql_real_escape_string($_POST['firstName']);

Edited by minitauros


Also check if all input values exist. You are using these values in queries and if user did not enter all of them you will get strange results.

// check if anything was entered (you might apply other checks and validations)
if(isset($_POST['firstName']) && !empty($_POST['firstName'])) {
    // if yes, trim the entry (user might not be aware that he entered some spaces) 
    // and escape it (security against injections is very very important)
    $first = mysql_real_escape_string(trim($_POST['firstName']));
} else {
    // display an error message
    die('Error: You must enter first name!');
// do that or all fields

Your last query might be wrong (missing some single quotes). I would do it this way (easier to debug):

 $insQuery = "INSERT INTO phplogin VALUES('$first', '$last', '$user', '$pass', '$email')";
 $query = mysql_query($insQuer);

Edited by broj1

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.