i am always finding this error. if you have an idea.please assist as soon as possible

 mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\validate_login.php on line 20  
 This is line with the problem as per text -editor(* $row = mysql_fetch_array($result);*)

// Grab User submitted information
$email = $_POST["users_email"];
$pass = $_POST["users_pass"];

// Connect to the database
$con = mysql_connect("localhost","root","");
// Make sure we connected succesfully
if(! $con)
    die('Connection Failed'.mysql_error());

// Select the database to use

$result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = $email");

* $row = mysql_fetch_array($result);*

if($row["users_email"]==$email && $row["users_pass"]==$pass)
    echo"You are a validated user.";
    echo"Sorry, your credentials are not valid, Please try again.";

Edited by thomale: missing details

3 Years
Discussion Span
Last Post by broj1

Put $email in single quotes since it is expected to be a string:

$result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = '$email'");

Other issues:

  1. never trust user input since not everyone will enter email address; some nasty boys might enter a bad query instead (it is called a sql injection), therefore escape the input:

    $email = mysql_real_escape_string($_POST["users_email"]);
    $pass = mysql_real_escape_string($_POST["users_pass"]);

  2. before querying check whether user submitted the form at all and data exist:

    if(isset($_POST["users_email"])) {
    $email = mysql_real_escape_string($_POST["users_email"]);
    } else {
    // handle the error

  3. use some error checking upon querying:

    $result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = $email") or die('ERROR');

  4. avoid mysql extension, move to mysqli or PDO as soon as you can.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.