-1

Ola, I've recently been following this tutorial http://www.onlinetuting.com/create-login-script-in-php/

but I've made it but had to change a couple of things to get it to connect to the server I'm using but now the only thing that happens when I click login with a correct or incorrect email and password it simply pops up saying incorrect password and never makes it to blog.php the comes up with this error:

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in /SHOME1/sessions/login.php on line 33 Call Stack: 0.0013 647688 1. {main}() /SHOME1/sessions/login.php:0 0.0021 652200 2. mysqli_num_rows() /SHOME1/sessions/login.php:33

if someone understands the problem I'm having?

Here are the 2 files I have:

index.php

<!DOCTYPE html><?php error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true); session_start();?>
<html>
<head>
<title>User Login</title>
</head>
<body>
<form action="login.php" method="post">
<table width="500" align="center" bgcolor="skyblue">
<tr align="center">
<td colspan="3"><h2>User Login</h2></td>
</tr>
<tr>
<td align="right"><b>Email</b></td>
<td><input type="text" name="email" required="required"/></td> 
</tr>
<tr>
<td align="right"><b>Password:</b></td>
<td><input type="password" name="pass" required="required"></td>
</tr>
<tr align="center">
<td colspan="3">
<input type="submit" name="login" value="Login"/> 
</td>
</tr>
</table>
</form>
</body>
</html>

login.php

<?php

error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);
// establishing the MySQLi connection

$hostname = "localhost";
$username = "userexample";
$password = "passexample";
$database = "userdbexample_db1";
$con = new mysqli($hostname, $username, $password, $database);

if (mysqli_connect_errno())
{
    echo "MySQLi Connection was not established: " . mysqli_connect_error();
}
// checking the user

if(isset($_POST['login'])){

$email = mysqli_real_escape_string($con,$_POST['email']);

$pass = mysqli_real_escape_string($con,$_POST['pass']);

$sel_user = "select * from users where user_email='$email' AND user_pass='$pass'";

$run_user = mysqli_query($con, $sel_user);

$check_user = mysqli_num_rows($run_user);

if($check_user>0){

$_SESSION['user_email']=$email;

echo "<script>window.open('blog.php','_self')</script>";

}

else {

echo "<script>alert('Email or password is not correct, try again!')</script>";

}

}

?>

Thanks in advance!

John B
  • 105
  • 1
  • 2
  • 11
  • 2
    try using `mysqli_error()` to find out why your query failed, ie. change `$run_user = mysqli_query($con, $sel_user);` to `$run_user = mysqli_query($con, $sel_user) or die(mysqli_error($con));` – Sean Jan 30 '16 at 00:26
  • 2
    I'll bet you probably didn't choose the right database, or table, or column names are wrong or a mix of. What @Sean suggested you use, will tell you that. You may even have whitespace introduced somewhere, could be anything really. Also show us what `var_dump();` produces. – Funk Forty Niner Jan 30 '16 at 00:36
  • 1
    well you have an answer below, ask them. I've stayed here long enough. – Funk Forty Niner Jan 30 '16 at 00:47
  • Right I've realised I had the database set to user_password instead of user_pass so now if I login with the correct details it will load the blog.php page but if I put anything wrong in (after using the mysqli_error()) I get Warning: mysqli_error() expects exactly 1 parameter, 0. So this means run_user is definitely getting nothing init right? – John B Jan 30 '16 at 00:58

1 Answers1

-1

Your Query is failing and result object $run_user is empty which is why you're getting this error I'd take a look at your query or make sure the variables you are passing to the query string are set.

Sam Orozco
  • 1,258
  • 1
  • 13
  • 27
  • 2
    *"or make sure the variables you are passing to the query string are set"* - They'd be getting a totally different error message (syntax error), if that were the case. – Funk Forty Niner Jan 30 '16 at 00:41