login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

login

Post by massimorai »

Hello Folks, newbie here... I am fiddling around with creating a basic login script but i keep getting the same error

Code: Select all

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /Applications/XAMPP/xamppfiles/htdocs/testsite/checklogin.php on line 19
Here is my php code for review. thanks in advanced guys, remember i am a newbie dont laugh at my code!

Code: Select all

<?php

//starts a session
     session_start();

$username = $_POST['username'];
$password = $_POST['password'];
$_SESSION['username'] = $_POST['username'];

//connect to the db and create query string to be executed...
     $mysqli = new MySQLi("localhost", "root", "", "members");
     $sql = "SELECT * FROM members WHERE username = '$username' and password = '$password'";
     $result	= mysql_query($sql);

// Mysql_num_row is counting table row
     $count	= mysql_num_rows($result);

//loop through databse and check if user exists
     if($count==1) {
	     header("location:login_success.php");
}
else {
	echo "login failed";
}


?>
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

You create a mysqli object, then ignore it and try to use mysql_ functions.

Try something like this:

Code: Select all

$mysqli = new mysqli('localhost', 'root', '', 'members');
$query = "SELECT * FROM members WHERE username = '{$username}' AND password = '{$password}'";
$result = $mysqli->query($query)->fetch_all();
While we're at it, you really ought to escape user data before passing it into a query, and you should store password hashes in the database, not the passwords themselves.
Last edited by Celauran on Tue Feb 07, 2012 8:13 pm, edited 1 time in total.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

Interesting, so basically i am inconsistent with the coding?

what would be the proper function to use if using MySQL-Improved syntax?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

massimorai wrote:what would be the proper function to use if using MySQL-Improved syntax?
Something like this:

Code: Select all

$mysqli = new mysqli('localhost', 'root', '', 'members');

$username = $mysqli->real_escape_string($_POST['username']);
$password = $mysqli->real_escape_string($_POST['password']);

$query = "SELECT * FROM members WHERE username = '{$username}' AND password = '{$password}'";
$result = $mysqli->query($query)->fetch_all();
MySQLi Book
Last edited by Celauran on Tue Feb 07, 2012 8:16 pm, edited 1 time in total.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

I got the following error :s

Fatal error: Call to undefined method mysqli_result::fetch_all() in /Applications/XAMPP/xamppfiles/htdocs/testsite/checklogin.php on line 13
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

Not sure why. You can use fetch_assoc instead.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

fetch_assoc worked, but i got this message all over again...

Warning: mysql_num_rows() expects parameter 1 to be resource, array given in /Applications/XAMPP/xamppfiles/htdocs/testsite/checklogin.php on line 18
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

For the same reason. You can't use mysql_ functions with mysqli. You want $result->num_rows

I posted a link earlier to the php.net MySQLi documentation. It's a good reference.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

Thanks for your help Celauran, you've been a great resource...

cheers
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

Hey Celauran,

I was able to put it together properly... As it turns out, i think the reason is because Dreamweaver doesnt support MySQLi syntax. odd, because it says it does... but as soon as i changed all of my code back to mysql_functions everything worked and authenticated correctly... here is the code:

<?php

//starts a session
session_start();

$username = $_POST['username'];
$password = $_POST['password'];
$_SESSION['username'] = $_POST['username'];

//connect to the db
mysql_connect ("localhost", "root", "") or die ('Error: ' . mysql_error());

//select the table to be used
mysql_select_db ("members");

//query string to be executed
$sql = "SELECT * FROM members WHERE username = '$username' and password = '$password'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);

//loop through databse and check if user exists
if($count==1) {
header("location:login_success.php");
}
else {
echo "login failed";
}


?>

I know this is not the most efficient way, but im learning little at a time... i will start to add more complex queries, and ensure my passwords are stored via the hashes and not displayed. thanks again for your help
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

You'd do better to abandon Dreamweaver than to abandon MySQLi IMO.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

really... which program would you recommend?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

I like NetBeans, but Eclipse and PHP Storm are also quite good.
massimorai
Forum Newbie
Posts: 13
Joined: Mon Feb 06, 2012 8:01 am

Re: login

Post by massimorai »

do i need to change the settings in the php.ini file to enable MySQL-improved?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: login

Post by Celauran »

I've never had to, though I suppose it could depend on your system.
Post Reply