harryson1111

I am trying to create a "login" webpage. The PHP codes for the login (login100.php) are called by another file (index100.php). Whenever I run index100.php on XAMPP, I get two errors: Warning: mysqli_error() expects exactly 1 parameter, 0 given in C:\xampp\htdocs\login100.php on line 24 Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\login100.php on line 26 My codes for index.php are: <?php include('login100.php'); // Includes Login Script if(isset($_SESSION['login_user'])){ header("location: profile100.php"); } ?> <!DOCTYPE html> <html> <head> <title>Login Form in PHP with Session</title> <link href="style100.css" rel="stylesheet" type="text/css"> </head> <body> <div id="main"> <h1>PHP Login Session Example</h1> <div id="login"> <h2>Login Form</h2> <form action="" method="post"> <label>UserName :</label> <input id="name" name="username" placeholder="username" type="text"> <label>Password :</label> <input id="password" name="password" placeholder="**********" type="password"> <input name="submit" type="submit" value=" Login "> <span><?php echo $error; ?></span> </form> </div> </div> </body> </html> My codes for login.php are: <?php session_start(); // Starting Session $error=''; // Variable To Store Error Message if (isset($_POST['submit'])) { if (empty($_POST['username']) || empty($_POST['password'])) { $error = "Username or Password is invalid"; } else { // Define $username and $password $username=$_POST['username']; $password=$_POST['password']; // Establishing Connection with Server by passing server_name, user_id and password as a parameter $connection = mysqli_connect("localhost", "root", "", "Company"); // To protect MySQL injection for Security purpose $username = stripslashes($username); $password = stripslashes($password); $username = mysqli_real_escape_string($connection, $username); $password = mysqli_real_escape_string($connection, $password); // SQL query to fetch information of registerd users and finds user match. $sql = "SELECT * FROM login where password='$password' AND username='$username'"; $query = mysqli_query($connection, $sql); if (false === $query) { echo mysqli_error(); } $rows = mysqli_num_rows($query); if ($rows == 1) { $_SESSION['login_user']=$username; // Initializing Session header("location: profile100.php"); // Redirecting To Other Page } else { $error = "Username or Password is invalid"; } mysqli_close($connection); // Closing Connection } } ?> I have worked on this for the past FIVE days and I cannot resolve this issue. All I want is a code which fetches a user's username and password from the database, and no such username or password exist, a message saying "invalid password" is generated. For some reason, I'm getting the two error messages above. Can someone help?