Fatal error: Call to undefined method mysqli_result::fetch() in C:\wamp\www\...... on line 12

Question

I'm trying to test my login page, thus when I log in it should redirect to my account page, but I get this error

Fatal error: Call to undefined method mysqli_result::fetch() in C:\wamp\www...... on line 12

here is my source code for the Login.php page

<?php require ("connections/Connection.php"); ?>
<?php 

if(isset($_POST['Login_Button'])) {

    session_start();
    $Email = $_POST['Email'];
    $Password = $_POST['Password'];

$result = $Conn->query("Select UserID FROM users WHERE Email='$Email' AND Password='$Password'");

    while ($num_rows = $result->fetch(MYSQLI_BOTH));

{

session_start();

    $_SESSION["UserID"] = $num_rows['UserID'];

        header('Location: Account.php');

    }
}
?>

<!doctype html>
<html>
<head>
<link href="assets/css/Master.css" rel="stylesheet" type="text/css" />
<link href="assets/css/Menu.css" rel="stylesheet" type="text/css" />
<meta charset="utf-8">
<title>Template</title>
</head>

<body>
<div class="Container">
    <div class="Header"></div>
    <div class="Menu">
        <div id="Menu">
            <nav>
                <ul class="cssmenu">
                    <li><a href="#">Register</a></li>
                    <li><a href="#">LogIn</a></li>
                </ul>
            </nav>
        </div> 
</div>
  <div class="LeftBody"></div>
    <div class="RightBody">
            <form action="" method="post" name="LoginForm" id="LoginForm">
                <div class="FormElement"> <input name="Email" type="email" required="required" class="TField" id="Email" placeholder="Email"> </div>
                <div class="FormElement"> <input name="Password" type="password" required="required" class="TField" id="Password" placeholder="Password"> </div>                
                <div class="FormElement"> <input name="Login_Button" type="submit" class="button" id="Login_Button" value="Login"> </div>
      </form>
    </div>
    <div class="Footer"></div>
</div>
</body>

Here is my connection.php (Mysqli connect code)

<?php 

$dbhost = "localhost";
$dbuser = "root";
$dbpass = "";
$dberror1 = "Could Not Connect to Your Database";
$dberror2 = "Could Not Find Your Table";

$Conn = mysqli_connect($dbhost, $dbuser, $dbpass) or die ($dberror1);

$Select_db = mysqli_select_db($Conn, 'users') or die ($dberror2);

$query = mysqli_query($Conn, "Select * FROM users");

$num_rows = mysqli_num_rows($query);

if($num_rows != 0){

while ($fetch = mysqli_fetch_assoc($query)){

echo $fetch['UserID'];
}
}

?>

Can someone help?

Answer 1

You are missing a comma in the SQL query:

$result = $Conn->query("Select * FROM users WHERE
Email='$Email' AND Password='$Password");

Should be:

$result = $Conn->query("Select * FROM users WHERE
Email='$Email' AND Password='$Password'");

Because of this the query fails and $result is false, which means fetch() fails as well. In general you should check that $result is valid before proceeding.

Also consider escaping the email and password, if you don't want Bobby Table to break your database :)