I am trying to make a login system for my website but there is an error comming every time i run it that says:
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\login_system\includes\login.php on line 46.
I'v searched around the web for a sulution and tryed out a few things but it doesn't seem to be working so please help me if someone can figure it out
Here is my code:
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
$form = "<form action='login.php' method='post'>
<table>
<tr>
<td>Brugernavn:</td>
<td><input type='text' name='bruger' /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td><input type='submit' name='logind_btn' value='Log ind' /></td>
</tr>
</table>
</form>";
if($_POST['logind_btn']){
$bruger = $_POST['bruger'];
$password = $_POST['password'];
if($bruger){
if($password){
require("tilslut.php");
$password = md5(md5("dj4fJsd".$password."gd34aH"));
// vær sikker på login info er korrekt
$query = mysql_query("SELECT * FROM brugere WHERE brugernavn='$bruger'");
$numrows = mysql_num_rows($query);
if ($numrows == 1){
$row = mysql_fetch_assoc($query);
$dbbrugerID = $row['id'];
$dbbruger = $row['brugernavn'];
$dbpass = $row['password'];
$dbactive = $row['active'];
if($password == $dbpass){
if($dbactive == 1){
$_SESSION['brugerID'] = $dbbrugerID;
$_SESSION['brugernavn'] = $dbbruger;
echo "Du er nu logget ind som <b>$dbbruger</b>. <a href='medlem.php'>Klik her</a> for at gå til Medlems siden!";
}
else
echo "Du skal aktivere din konto for at logge ind. $form";
}
else
echo "Du intastede ikke det korrekte password. $form";
}
else
echo "Det intastede brugernavn blev ikke fundet. $form";
mysql_close();
}
else
echo "Du skal skrive dit password! $form";
}
else
echo "Du skal skrive et brugernavn! $form";
}
else
echo $form;
?>
Let's take a closer look at that error message of yours:
Warning: mysql_num_rows() expects ...
AHA! So mysql_num_rows() is causing problems. Good thing you only have it once in your code, since I didn't want to count your lines finding the one causing this error
... expects parameter 1 to be resource, boolean given ...
Oh, so something seems to be wrong with the parameter. Lets look closely at your code:
$query = mysql_query(...);
$numrows = mysql_num_rows($query);
So $query is a boolean (true/false) - how can this be? Right, manual always knows best
For SELECT, SHOW, DESCRIBE, EXPLAIN and other statements returning resultset, mysql_query() returns a resource on success, or FALSE on error.
For other type of SQL statements, INSERT, UPDATE, DELETE, DROP, etc, mysql_query() returns TRUE on success or FALSE on error.
mysql_query() will also fail and return FALSE if the user does not have permission to access the table(s) referenced by the query.
So the problem is that your query probably fails and hence returns false which is not a valid resource but rather a boolean
Also keep in mind that mysql_* functions are officially deprecated and hence should not be used in new code. You can use PDO or MySQLi instead. See this answer on SO for more information.