After logging in the errors are shown

Question

index.php

    <?php
    include 'login.php';
    if(isset($_SESSION['login_user']) && $_SESSION['userlevel'] == 1)
    header("location: profile.php");
    elseif(isset($_SESSION['login_user']) && $_SESSION['userlevel']==2)
    header("location: profile1.php");
    ?>
    <!DOCTYPE html>
    <html>
    <head>
        <title>Login Form </title>
        <link href = "style.css" rel = "stylesheet" type ="text/css">
    </head>
    <body background ="water.jpg">
        <div id = "main" align = "center">
        <table align = "center" width ="100%">
            <tr>
            <td><img src= "asset2.jpg" width ="200" height ="156"></td>
            <td><img src= "asset3.jpg" width ="500" height ="156"></td>
                <td><img src= "asset2.jpg" width ="200" height ="156"></td>
            </tr>
            </table>
            <table align = "center" bgcolor = "#FF00CC" width = "100%" height ="5">
            <tr>
                <td>
                <marquee><font color= "#FFFFFF" face = "22eorgia"><b><i>HELLO..PLEASE FILL IN THE DETAILS TO LOGIN..</i></b></font></marquee>
                </td>
            </tr>
            </table>
            <div id = "login">
            <h2 align = "left">Login Form</h2>
            <form action = "" method = "post">
                <br/>
                <br/>
                <label>
                <div align = "left">UserName:
                </div>
                </label>
                <div align = "left">
                <input id = "name" name ="username" placeholder = "Enter the username" type = "text">
                </div>
                <label>
                <div align = "left">Password:
                </div>
                </label>
                <div align = "left">
                <input type ="password" name = "password" placeholder="Enter the password" type = "password">
                <br/>
                <br/>
                <input name = "submit" type = "submit" value = "Login">
                <span><?php echo $error;?></span>
                </div>
            </form>
            </div>
        </div>
        </body>
    </form>

login.php

    <?php
    session_start();
    $error="";
    if(isset($_POST['submit']))
    {
      if(empty($_POST['username']) || empty($_POST['password'])){
        $error = "Username or Passwor invalid";
      }
      else{
        $username= $_POST['username'];
        $password = $_POST['password'];
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username= mysql_real_escape_string($username);
        $password= mysql_real_escape_string($password);
        require_once 'connection.php';
        $query =mysql_query("SELECT * FROM test_user where username ='$username' AND password= '$password'",$conn);
    
        $rows= mysql_fetch_array($query);
    
      
        $count=mysql_num_rows($query);
        if($count == 1){
          $_SESSION['login_user']= $username;
          $_SESSION['userlevel']= $rows['userlevel'];
        }
        else {
    
          $error = "Username or Password is invalid";
        }
        mysql_close($conn);
        }
      }
     ?>

connection.php

<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "testing";

// Create connection
$conn = mysqli_connect($servername,$username,$password,$dbname) or die(mysqli_connect_error());
$sql = "SELECT id, username,password FROM test_user";
$result = $conn->query($sql);


if ($result->num_rows > 0) {
    // output data of each row
    while($row = $result->fetch_assoc()) {
        echo "USERID : " . $row["id"]." " ."USERNAME :".$row["username"]." " ."PASSWORD :".$row["password"]."<br>";
//echo "USERNAME : " . $row["username"]." " ."email :".$row["email"]." "
//."PASSWORD :".$row["password"]." " ."date of join :".$row["date_of_join"]." " ."userlevel :".$row["userlevel"]."<br>";

    }
} else {
    echo "0 results";
}
$conn->close();
?>

And the following errors are shown:

Warning: mysql_query() expects parameter 2 to be resource, object given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 17

Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 19

Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 22

Warning: mysql_close() expects parameter 1 to be resource, object given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 31

Could you please provide additional information, like the structure of the table you try to get data from? Are there any entries or is it empty? — StuntHacks, Jun 12 '17 at 06:58
You are mixing up the `mysql_*` and `mysqli_*` extensions, please only use mysqli or PDO, as the `mysql_*` functions are deprecated in PHP 5 and completely removed in version 7, because they are no longer supported and are considered insecure. — Tobias F., Jun 12 '17 at 07:04

score 0 · Answer 1 · answered Jun 12 '17 at 07:06

0

After require_once 'connection.php'; in login.php Replace code with this

$query = mysqli_query($conn, "SELECT * FROM test_user where username ='$username' AND password= '$password'");

    $rows = mysqli_fetch_array($query);


    $count = mysqli_num_rows($query);
    if ($count == 1) {
       // $_SESSION['login_user'] = $username;
       // $_SESSION['userlevel'] = $rows['userlevel'];
       print_r($rows);
    } else {

        $error = "Username or Password is invalid";
    }
    mysqli_close($conn);

answered Jun 12 '17 at 07:06

Parag Soni

713
7
14

still errors are shown....Warning: mysqli_query(): Couldn't fetch mysqli in C:\xampp\htdocs\project_new\PHP_new\login.php on line 17 Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 19 Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, null given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 22 Warning: mysqli_close(): Couldn't fetch mysqli in C:\xampp\htdocs\project_new\PHP_new\login.php on line 31 – Akhil Jaiswal Jun 12 '17 at 07:10

score 0 · Answer 2 · answered Jun 12 '17 at 07:17

0

try to change mysql to mysqli You can't use mysql and mysqli altogether. use like this

$rows= mysqli_fetch_array($query);

hope it helps.. thank you.

answered Jun 12 '17 at 07:17

score 0 · Answer 3 · answered Jun 12 '17 at 07:18

Your Login. Try to use only mysqli as adviced by @akhil

<?php
session_start();
$error="";
if(isset($_POST['submit']))
{
    if(empty($_POST['username']) || empty($_POST['password'])){
    $error = "Username or Passwor invalid";
  }
  else{

    require_once 'connection.php';

    $username= $_POST['username'];
    $password = $_POST['password'];
    $username = stripslashes($username);
    $password = stripslashes($password);
    $username= mysqli_real_escape_string($conn, $username);
    $password= mysqli_real_escape_string($conn, $password);

    $query =mysqli_query($conn, "SELECT * FROM test_user where username ='$username' AND password= '$password'");

    $rows= mysqli_fetch_array($query);


    $count=mysqli_num_rows($query);
    if($count == 1){
      $_SESSION['login_user']= $username;
      $_SESSION['userlevel']= $rows['userlevel'];
    }
    else {

      $error = "Username or Password is invalid";
    }
    mysqli_close($conn);
    }
  }
 ?>

In addtion, also remember to place the connection code above the code which need it. — hans-könig, Jun 12 '17 at 07:25

JYoThI · Answer 4 · 2017-06-12T11:52:34.653

0

Your mixing mysql_ with mysqli_

Warning mysql_query, mysql_fetch_array,mysql_connect etc.. extensions were deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used.

use prepared statement like this

login.php

<?php
    session_start();
    $error="";
    if(isset($_POST['submit']))
    {
      if(empty($_POST['username']) || empty($_POST['password'])){
        $error = "Username or Passwor invalid";
      }
      else{
            $username= $_POST['username'];
            $password = $_POST['password'];
            $username = stripslashes($username);
            $password = stripslashes($password);
            $username= mysqli_real_escape_string($conn,$username);
            $password= mysqli_real_escape_string($conn,$password);
            require_once 'connection.php';

            $stmt = $conn->prepare("SELECT * FROM test_user where username =? AND password=?");
                    $stmt->bind_param('ss',$username,$password);
                        // i - integer
                        // d - double
                        //  s - string
                       //  b - BLOB
                      //change it by respectively 
                    $stmt->execute();
            $result=$stmt->get_result();
            $row_count= $result->num_rows;

            if($row_count>0){

                $_SESSION['login_user']= $username;
                $_SESSION['userlevel']= $rows['userlevel'];

            }else {

              $error = "Username or Password is invalid";
            }

            $stmt->close();
            $conn->close();
        }
      }
     ?>

edited Jun 12 '17 at 11:52

answered Jun 12 '17 at 07:31

JYoThI

11,977
1
11
26

error ..Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 14 Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\project_new\PHP_new\login.php on line 15Warning: mysqli::prepare(): Couldn't fetch mysqli in C:\xampp\htdocs\project_new\PHP_new\login.php on line 18 Fatal error: Call to a member function bind() on null in C:\xampp\htdocs\project_new\PHP_new\login.php on line 19 – Akhil Jaiswal Jun 12 '17 at 11:38
you need to pass the connection string as a first parameter like this $password= mysqli_real_escape_string($conn,$password); check my answer . @AkhilJaiswal – JYoThI Jun 12 '17 at 11:40
error persists.. – Akhil Jaiswal Jun 12 '17 at 11:46
what is the error now ? – JYoThI Jun 12 '17 at 11:50
try to change this modification too $stmt->bind_param('ss',$username,$password); – JYoThI Jun 12 '17 at 11:52
mysqli::prepare(): Couldn't fetch mysqli in C:\xampp\htdocs\project_new\PHP_new\login.php on line 19 Fatal error: Call to a member function bind() on null in C:\xampp\htdocs\project_new\PHP_new\login.php on line 20 – Akhil Jaiswal Jun 12 '17 at 11:54
try to modify my above mentioned comment . it will fix the error @AkhilJaiswal – JYoThI Jun 12 '17 at 11:55
Is there any changes to be done in connection.php – Akhil Jaiswal Jun 12 '17 at 11:56
no . just change this line $stmt->bind_param('ss',$username,$password); instead of this $stmt->bind('ss',$username,$password); – JYoThI Jun 12 '17 at 11:57

After logging in the errors are shown

4 Answers4