Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given... what should I do?

Question

Here is the code

if (isset($_POST['signUp']))
{
    $username = mysqli_real_escape_string($database_connect, trim($_POST['username']));
    $email = mysqli_real_escape_string($database_connect, trim($_POST['email']));
    $password = mysqli_real_escape_string($database_connect, trim($_POST['password']));
    $password2 = mysqli_real_escape_string($database_connect, trim($_POST['password2']));

    if (!empty($username) && !empty($email) && !empty($password) && !empty($password2)
                 && $password == $password2)
        $query = "SELECT * from 'users' WHERE username = '$username'";
        $data = mysqli_query($database_connect, $query);
        if (mysqli_num_rows($data) == 0) {
            $query = "INSERT INTO 'users' (username, email, password, password2) VALUES('$username', '$email', SHA('$password'), SHA('$password2'))";
            mysqli_query($database_connect, $query);
            echo "OK";
            mysqli_close($database_connect);
            exit();
        } else {
            echo "Such login already exists";
        }

What should I do? P.S I have already searched on Stack Overflow for this problem but didn't find a solution.

**Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) — Dharman, Apr 04 '20 at 19:17
OK this problem is fixed, thank you all! But it still doesn't saves any data to my database... — Mr Me, Apr 05 '20 at 10:24

score -2 · Answer 1 · answered Apr 04 '20 at 19:17

-2

You should read the documentation for mysqli::query. It returns a mixed type -- when your query fails, it returns false, not a valid result. So.. your query must have failed.

You need to check if $data === false before using $data.

answered Apr 04 '20 at 19:17

alzee

1,393
1
10
21

you, actually, don't – Your Common Sense Apr 04 '20 at 19:18
Checking the return value of `query` function is a really bad idea and completely unnecessary. If you enable proper error reporting such practice becomes completely redundant. – Dharman Apr 04 '20 at 19:22
OK this problem is fixed, thank you all! But it still doesn't saves any data to my database... – Mr Me Apr 05 '20 at 10:25

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given... what should I do?

1 Answers1