0
i am always finding this error. if you have an idea.please assist as soon as possible



 mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\validate_login.php on line 20  
 This is line with the problem as per text -editor(* $row = mysql_fetch_array($result);*)
<?php

// Grab User submitted information
$email = $_POST["users_email"];
$pass = $_POST["users_pass"];


// Connect to the database
$con = mysql_connect("localhost","root","");
// Make sure we connected succesfully
if(! $con)
{
    die('Connection Failed'.mysql_error());
}

// Select the database to use
mysql_select_db("school",$con);

$result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = $email");

* $row = mysql_fetch_array($result);*

if($row["users_email"]==$email && $row["users_pass"]==$pass)
    echo"You are a validated user.";
else
    echo"Sorry, your credentials are not valid, Please try again.";
?>

Edited by thomale: missing details

2
Contributors
4
Replies
15
Views
4 Years
Discussion Span
Last Post by broj1
0

Put $email in single quotes since it is expected to be a string:

$result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = '$email'");
0

Other issues:

  1. never trust user input since not everyone will enter email address; some nasty boys might enter a bad query instead (it is called a sql injection), therefore escape the input:

    $email = mysql_real_escape_string($_POST["users_email"]);
    $pass = mysql_real_escape_string($_POST["users_pass"]);

  2. before querying check whether user submitted the form at all and data exist:

    if(isset($_POST["users_email"])) {
    $email = mysql_real_escape_string($_POST["users_email"]);
    } else {
    // handle the error
    ...
    }

  3. use some error checking upon querying:

    $result = mysql_query("SELECT users_email, users_pass FROM login WHERE users_email = $email") or die('ERROR');

  4. avoid mysql extension, move to mysqli or PDO as soon as you can.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.