jackmcnally Posted September 27, 2011 Share Posted September 27, 2011 Hi Guys, I have this MYSQL/PHP script for a forgotten password. This is the error I'm getting: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/xxxx/public_html/xxxx/xxxx/forgotpass.php on line 30 The username was not found. This is the code <?php error_reporting (E_ALL ^ E_NOTICE); session_start(); $userid = $_SESSION['userid']; $username = $_SESSION['username']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Panemonium | Forgot Password</title> </head> <body> <?php if (!$username && !$userid){ if ($_POST['resetbtn']){ // get the form data $user = $_POST['user']; $email = $_POST['email']; // make sure info provided if ($user){ if ($email){ if ( (strlen($email) > 7) && (strstr($email, "@")) && (strstr($email, ".")) ){ // connect require("./connect.php"); $query = mysql_query("SELECT * FROM users WHERE username='$user'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ // get info about account $row = mysql_fetch_assoc($query); $dbemail = $row['email']; // make sure the emial is correct if ($email == $dbemail){ // generate password $pass = rand(); $pass = md5($pass); $pass = substr($pass, 0, 15); $password = md5(md5("kjfiufj".$pass."Fj56fj")); // update db with new pass mysql_query("UPDATE users SET password='$password' WHERE username='$user'"); // make sure the paassword was changed $query = mysql_query("SELECT * FROM users WHERE username='$user' AND password='$password'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ // create email vars $webmaster = "admin@nickfrosty.com"; $headers = "From: President Snow"; $subject = "Pandemonium Forgotten Password"; $message = "Tsk, Tsk, Tsk. Forgotten your password already? One more time and an execution may be in order. Your new password is below. You may rechange it in the Citizens Zone prefrences section.\n"; $message .= "Password: $pass\n"; //echo $pass."<br />"; if ( mail($email, $subject, $message, $headers) ){ echo "Your password has been reset. An email has been sent with your new password."; } else echo "An error has occured and your email was not sent containing your new password."; } else echo "An error has occured and the password was not reset."; } else echo "You enter the wrong email address."; } else echo "The username was not found."; mysql_close(); } else echo "Please enter a valid email address."; } else echo "Please enter you email."; } else echo "Please enter you username."; } echo "<form action='./forgotpass.php' method='post'> <table> <tr> <td>Username:</td> <td><input type='text' name='user' /></td> </tr> <tr> <td>Email:</td> <td><input type='text' name='email' /></td> </tr> <tr> <td></td> <td><input type='submit' name='resetbtn' value='Reset Password' /></td> </tr> </table> </form>"; } else echo "Please logout to view this page."; ?> </body> </html> Could someone please tell me where I've gone wrong? Thanks, Jack Quote Link to comment Share on other sites More sharing options...
Buddski Posted September 27, 2011 Share Posted September 27, 2011 This happens when the query fails (usually). Try this where your Username not found error is displayed. echo "The username was not found.<br/>" , mysql_error(); Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2011 Share Posted September 27, 2011 change $query = mysql_query("SELECT * FROM users WHERE username='$user'"); to $query = mysql_query("SELECT * FROM users WHERE username='$user'") or die(mysql_error()); and see what error you get Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 27, 2011 Author Share Posted September 27, 2011 @ Budski I am returned with the following error Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/uberdir1/public_html/panemonium/snowspeeps/forgotpass.php on line 30 The username was not found.No database selected Does this have something to do with my connect.php file? I have written it below so you can lookover. <?php mysql_connect("localhost", "xxxdbusernamexxx", "xxxdbpasswordxxx"); mysql_select_db("xxxdbnamexxx"); ?> @Madtechie Now, that seems to have maybe fixed it! I am returned with the following No database selected But as said above, that may have to do with the connect.php file? Could you also please look over that and tell me of any errors? Thanking you ever so much! Jack Quote Link to comment Share on other sites More sharing options...
the182guy Posted September 27, 2011 Share Posted September 27, 2011 Verify your host, username and password. Also check what mysql_connect() and mysql_select_db() are returning, they will return false if there's a problem. Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 27, 2011 Author Share Posted September 27, 2011 Thanks, you saved me! One last problem, I am being confronted with this error message Table 'xxxxx_xxxx.users' doesn't exist Now, I know xxxx_xxxx is my database name and presume .users is the table name. I want .users to change to .fgusers6 . What would I need to edit to do this? Thanks, Jack Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2011 Share Posted September 27, 2011 you're need to change you're queries, So change all the "SELECT * FROM Users" to "SELECT * FROM fgusers6" and "UPDATE Users" to "UPDATE fgusers6" Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 27, 2011 Author Share Posted September 27, 2011 Hi Guys, That fixed that error! But another has shown up. Forgive me, I am just starting out with PHP/MYSQL! I am used to HTML and CSS! Now, I am being told the following An error has occured and the password was not reset. Would this have anything to do with the submitted row names not matching the actual row names? My row names (that should be the only ones used for this purpose) are password and username. I think the password one is right, but I have my doubts about username. Is the script calling it user instead? Thanks, Jack Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 27, 2011 Share Posted September 27, 2011 sometimes your need to prefix your account name to the username of the database, E.g. Account: myAcc Database Name: test Database UserName: user Database Password: pass So the details could be mysql_connect("localhost", "user", "pass"); mysql_select_db("test"); or even mysql_connect("localhost", "myAcc_user", "pass"); mysql_select_db("myAcc_test"); it depends on the host Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 27, 2011 Author Share Posted September 27, 2011 I have always had the prefix in. Eg. prefix_name Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 28, 2011 Author Share Posted September 28, 2011 Is anyone else able to shed some light? Quote Link to comment Share on other sites More sharing options...
the182guy Posted September 28, 2011 Share Posted September 28, 2011 That message is showing because this evaluates to false: if ($numrows == 1) Which means your query here is either returning no rows, or more than one: $query = mysql_query("SELECT * FROM users WHERE username='$user' AND password='$password'"); Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 28, 2011 Author Share Posted September 28, 2011 Thanks for that, that was probabally the problem? Would you be able to tell me how I could fix that? Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 28, 2011 Author Share Posted September 28, 2011 Hey Guys, Would anyone be able to help me out here? I need this up and running asap Thanks so much! Jack Quote Link to comment Share on other sites More sharing options...
Buddski Posted September 28, 2011 Share Posted September 28, 2011 You need to find out what is being returned from the query that the182guy pointed out. As stated, the query is either finding NO results or is finding more than 1 result. Change echo "An error has occured and the password was not reset."; to echo "An error has occured and the password was not reset.<br/>The query found ".$numrows." results."; If the result is 0 then the password obviously didnt work.. if it found 2 or more it means that you have duplicate entries in your database that need to be taken care of.. Might I suggest making the `username` field a UNIQUE field (if it isnt already) Quote Link to comment Share on other sites More sharing options...
jackmcnally Posted September 28, 2011 Author Share Posted September 28, 2011 Thanks for that, I changed it to what you stated but it keeps saying that the query found 0 results when I type in the right username and email. Did you need me to do that UNIQUE thing, and if so, how would I do that? Thanks Heaps! Quote Link to comment Share on other sites More sharing options...
Buddski Posted September 28, 2011 Share Posted September 28, 2011 Your query isnt finding any results after the you update the password. Make sure the Update query isnt throwing an error because if that fails, it would explain the error you are getting. mysql_query("UPDATE users SET password='$password' WHERE username='$user'"); //Change to mysql_query("UPDATE users SET password='$password' WHERE username='$user'") or die(mysql_error()); As for the UNIQUE problem, you will need to edit the database structure and create a unique index for the username field, if you havent already. Quote Link to comment Share on other sites More sharing options...
the182guy Posted September 28, 2011 Share Posted September 28, 2011 In addition to Buddski's comments, it's a good idea to use a LIMIT on the query if you only want 1 row back. $query = mysql_query("SELECT * FROM users WHERE username='$user' AND password='$password' LIMIT 1"); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.