h1234 Posted September 30, 2013 Share Posted September 30, 2013 its a login form here is my code thats producing the error . I am really new to php. this is for a project . thanks for the help. function login($username , $password){ GLOBAL $dbc; //database $user_id= user_id_from_username($username); $username = sanatize($username); $password = md5($password); $query= mysqli_query($dbc,"SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password ` = '$password'"); MYSQLI_ERROR($query); $check= mysqli_fetch_array( $query , MYSQLI_BOTH); // even if i add this set of code the query still gives the above error. } Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/ Share on other sites More sharing options...
mac_gyver Posted September 30, 2013 Share Posted September 30, 2013 the mysqli_error( ... ) statement requires the mysqli connection link as a parameter. and how do i know that, by reading the documentation and examples for that particular statement in the php.net documentation. you also need to echo the string that mysqli_error returns so that you can see it in the browser. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451833 Share on other sites More sharing options...
h1234 Posted September 30, 2013 Author Share Posted September 30, 2013 the mysqli_error( ... ) statement requires the mysqli connection link as a parameter. and how do i know that, by reading the documentation and examples for that particular statement in the php.net documentation. you also need to echo the string that mysqli_error returns so that you can see it in the browser. hi thanks i did that and it says Unknown column 'password ' in 'where clause'Array ( ) Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451839 Share on other sites More sharing options...
mac_gyver Posted September 30, 2013 Share Posted September 30, 2013 what do you suppose that error means? Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451841 Share on other sites More sharing options...
h1234 Posted September 30, 2013 Author Share Posted September 30, 2013 (edited) what do you suppose that error means? i fixed it but now my code wont doesnt care if the password is incorrect or not. I think it has something to do with the $check variable but i cant figure it out :/ it has to check and see if both username and password it correct(username works ) in oder to proceed.my login page contains all the if statements for this . When i check the mysqli_error($dbc) is only echo's Array ( ) function login($username , $password){ GLOBAL $dbc; $user_id = user_id_from_username($username); $username = sanatize($username); $password = md5($password); $query= mysqli_query($dbc,"SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"); $check= mysqli_fetch_array( $query , MYSQLI_BOTH); return ($check[0]==1)? $user_id : false; Edited September 30, 2013 by h1234 Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451857 Share on other sites More sharing options...
Ch0cu3r Posted September 30, 2013 Share Posted September 30, 2013 (edited) You want to see if the query returned any results using the mysqli_num_rows not mysqli_fetch_array function login($username , $password) { GLOBAL $dbc; // <--- BAD PROGRAMMING $user_id = user_id_from_username($username); $username = sanatize($username); $password = md5($password); $query = mysqli_query($dbc, "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"); // check query return any results (results are returned as rows) // if we have a result then the login credentials matched if(mysqli_num_rows($dbc) > 0) { return true; } // no results found so return false return false; } Please use code tags when posting code. Press the <> button before pasting code into the reply box. Edited September 30, 2013 by Ch0cu3r Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451861 Share on other sites More sharing options...
h1234 Posted September 30, 2013 Author Share Posted September 30, 2013 You want to see if the query returned any results using the mysqli_num_rows not mysqli_fetch_array function login($username , $password) { GLOBAL $dbc; // <--- BAD PROGRAMMING $user_id = user_id_from_username($username); $username = sanatize($username); $password = md5($password); $query = mysqli_query($dbc, "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = '$username' AND `password` = '$password'"); // check query return any results (results are returned as rows) // if we have a result then the login credentials matched if(mysqli_num_rows($dbc) > 0) { return true; } // no results found so return false return false; } Please use code tags when posting code. Press the <> button before pasting code into the reply box. thanks alot but why is Global $dbc bad programming? . I used the mysqli_num_row but it seems that it is not validating my password, i can type in any password and it works the only thing it checks is to see if my username is correct if it is it proceeds regardless of password Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451869 Share on other sites More sharing options...
vinny42 Posted September 30, 2013 Share Posted September 30, 2013 but why is Global $dbc bad programming? Because the function depends on something that must exist in the environment, which means that the caller cannot tell the function what to use, it must know what the function needs and prepare the environment in such a way that hopefully the function will do what is expected. It is much better to pass the value of $dbc along in the paramters, so that the calling script has 100% control over what data the function uses, without having to know anything about the internals of the function. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451889 Share on other sites More sharing options...
TOA Posted September 30, 2013 Share Posted September 30, 2013 It would be mysqli_num_rows($query), not $dbc. The call to num_rows is made to the result set. And by getting a COUNT(), it will always return a result so checking for num_rows won't work. Either change your select, or fetch the results and check for > 0 there. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451891 Share on other sites More sharing options...
h1234 Posted September 30, 2013 Author Share Posted September 30, 2013 It would be mysqli_num_rows($query), not $dbc. The call to num_rows is made to the result set. And by getting a COUNT(), it will always return a result so checking for num_rows won't work. Either change your select, or fetch the results and check for > 0 there. thanks but what must i change the select too? Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451912 Share on other sites More sharing options...
Ch0cu3r Posted September 30, 2013 Share Posted September 30, 2013 I'd just have it return the user_id and not COUNT(`user_id`). Then mysqli_num_rows should work as expected. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451932 Share on other sites More sharing options...
vinny42 Posted September 30, 2013 Share Posted September 30, 2013 I'd just have it return the user_id and not COUNT(`user_id`). Then mysqli_num_rows should work as expected. Yes, but if you only wnat to count then this is a very wstefull way to do it. do this: SELECT COUNT(*) AS number_of_rows FROM .... then fetch one result and look at it's "numer_of_rows" column. That is the most efficient way to count. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451953 Share on other sites More sharing options...
DavidAM Posted September 30, 2013 Share Posted September 30, 2013 Yes, but if you only wnat to count then this is a very wstefull way to do it. When doing a login page (as the OP is), you usually have other pages that are restricted to logged-in users. In many cases, you want to know WHO is logged it (at some point). So the "most efficient" method would be to select the USER_ID and store it in a SESSION variable which can be retrieved by later pages as needed. Since a user's login MUST be unique, there will only be one row returned, so there is only ONE fetch. In this instance, there is no difference in performance between fetching the count column and fetching the user-id column. $sql = "SELECT user_id FROM users WHERE username = '$username' AND password = '$password'"; $query = mysqli_query($dbc, $sql); if ($query) { $row = $query->fetch_assoc(); if ($row) { // A row was returned $_SESSION['user_id'] = $row['user_id']; } else { // Invalid Username OR Password } } else { // ERROR unable to access the database } In fact, I might select the user's "Display Name" and "Access Rights" (if applicable) and then just assign the entire row to the SESSION so I don't have to hit the database to check his/her access or name on every page load. But that really depends on the application requirements. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451963 Share on other sites More sharing options...
vinny42 Posted October 1, 2013 Share Posted October 1, 2013 In this instance, there is no difference in performance between fetching the count column and fetching the user-id column It's true that if you are going to use the user's data anyway then you might as well select it, counting to see if you can later select them would be extra work. But that said, I don't want people to get the idea that it's good practice to select records when they just want to count. Even selecting a single record can be significantly slower than doing a count because a count() can be done using only the indexes, whereas fetching data from the record itself requires accessing the datafiles. Ona different not, you should *never* put the password in the query, in any way. Select it and verify it in the application. Reason: queries are often logged by the database and unles you have complete control over those logs you have no idea who can read them. I've seen hosters who put the logs in the webroot, effectively making them visible to the world. Quote Link to comment https://forums.phpfreaks.com/topic/282554-i-get-this-error-warning-mysqli_error-expects-parameter-1-to-be-mysqli-boolean-given-in/#findComment-1451988 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.