phingoc Posted October 4, 2011 Share Posted October 4, 2011 Hi. i get this error msg when trying to run this script: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\reg.php on line 14 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\reg.php on line 20 reg.php <?php $connect = mysql_connect("localhost","xx","xx") or die("Kunne ikke koble til database."); mysql_select_db("xxx") or die("Kunne ikke finne database"); $username = $_POST['brukernavn']; $password = $_POST['passord']; $confirm_password = $_POST['confirm_password']; $email = $_POST['epost']; $name = $_POST['navn']; $place = $_POST['bosted']; $queryuser=mysql_query("SELECT * FROM brukere WHERE brukernavn='$username' "); $checkuser=mysql_num_rows($queryuser); if($checkuser != 0) { echo "Beklager, ".$username." er allerede i bruk. Venligst velg ett annet brukernavn."; } else { $querymail=mysql_query("SELECT * FROM brukere WHERE epost='$email' "); $checkmail=mysql_num_rows($querymail); if($checkmail != 0) { echo "Beklager, ".$email." er allerede i bruk."; } else { if($password != $confirm_password) { echo "Passordene du tastet matcher ikke."; } else { $insert_user=mysql_query("INSERT INTO brukere (brukernavn, passord, epost, navn, bosted) VALUES ('$username', '$password', '$email', '$name', '$place')"); if($insert_user) { echo "Gratulerer, du er nå registrert. Du kan nå logge inn på venstre side."; } else { echo "Noe galt skjedde under registreringen, venligst gå tilbake og prøv på nytt."; } }}} ?> Someone know why? i have check, double checkd and tripple checkd the variables in the script, form and database. Link to comment https://forums.phpfreaks.com/topic/248422-mysql_num_rows-error/ Share on other sites More sharing options...
Pikachu2000 Posted October 4, 2011 Share Posted October 4, 2011 A query is failing. Use mysql_error to find out why. Link to comment https://forums.phpfreaks.com/topic/248422-mysql_num_rows-error/#findComment-1275734 Share on other sites More sharing options...
AbraCadaver Posted October 4, 2011 Share Posted October 4, 2011 if(!$queryuser) { echo mysql_error(); } Link to comment https://forums.phpfreaks.com/topic/248422-mysql_num_rows-error/#findComment-1275736 Share on other sites More sharing options...
Psycho Posted October 4, 2011 Share Posted October 4, 2011 You queries are failing. You need to add error handling to trap those errors. In a dev environment you can just add an "or die(mysql_error())" to the query call, but for a production environment you can add something a little more elegant that won't display database errors to the user. Also, you are not escaping the user input which could cause the query to fail or, worse, open you up to SQL injection. You are also missing a lot of validation. For example, if the passwords are empty the will still be equal and the validation will pass. I made a lot of changes, so I can't guarantee this will work without some fixing of typos, but once that is taken care of you will get informative messages when there is a DB error <?php //Function to display db error messages based on dev or production environment function showDatabaseError($query, $userMessage=false) { $debugMode = true; //set to false for production environment if($debugMode) { echo "A DB error occured with the query: $query<br>Error: " . mysql_error(); } else { if($userMessage!==false) { echo $userMessage; } else { echo "A database error occured. Please try again later."; } } } $connect = mysql_connect("localhost","xx","xx") or die("Kunne ikke koble til database."); mysql_select_db("xxx") or die("Kunne ikke finne database"); $username = trim($_POST['brukernavn']); $usernameSQL = mysql_real_escape_string($username); $query = "SELECT brukernavn FROM brukere WHERE brukernavn='$usernameSQL'"; $result = mysql_query($query); if(!$result) { showDatabaseError($query); } elseif(mysql_num_rows($result)) { echo "Beklager, $username er allerede i bruk. Venligst velg ett annet brukernavn."; } else { $email = trim($_POST['epost']); $emailSQL = mysql_real_escape_string($email); $query = "SELECT epost FROM brukere WHERE epost='$emailSQL'"; $result = mysql_query($query); if(!$result) { showDatabaseError($query); } elseif(mysql_num_rows($result)) { echo "Beklager, $email er allerede i bruk."; } else { //You should really be hashing the password! $password = mysql_real_escape_string($_POST['passord']); $confirm_password = mysql_real_escape_string($_POST['confirm_password']); if($password != $confirm_password) { echo "Passordene du tastet matcher ikke."; } else { $nameSQL = mysql_real_escape_string(trim($_POST['navn'])); $placeSQL = mysql_real_escape_string(trim($_POST['bosted'])); $query = "INSERT INTO brukere (brukernavn, passord, epost, navn, bosted) VALUES ('$usernameSQL', '$password', '$emailSQL', '$nameSQL', '$placeSQL')"; $insert_user = mysql_query($query); if(!$result) { showDatabaseError($query, "Noe galt skjedde under registreringen, venligst gå tilbake og prøv på nytt."); } else { echo "Gratulerer, du er nå registrert. Du kan nå logge inn på venstre side."; } } } } ?> Link to comment https://forums.phpfreaks.com/topic/248422-mysql_num_rows-error/#findComment-1275747 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.