Help With PHP Error

[nEw_boY]

Hi guys,
I`m learning PHP with MySQL and have some problem.

I`m just creating a simple script to accept login details from index.php and transfer them to login.php via POST. 1st part went smooth. For 2nd part, login.php I`m having some problem.

I tried google and change the variable names too but the result was same. I kept getting error:

Code: 

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\wamp\www\login.php on line 10

My login.php is here:

PHP Code: 

<?php
$con= mysql_connect("localhost","usermaster","") or die (mysql_error());
$cName= $_POST["boxuser"];
$cPass=$_POST["boxpass"];
mysql_select_db("mynewdb");
//$data = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM mytable";
$result = mysql_query($query);
$row = mysql_fetch_array($result);

if ((strlen($row))>0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();
?>

Can anyone help me ?

nEw_boY Reviewed by nEw_boY on 31st Dec 2011. Help With PHP Error Hi guys, I`m learning PHP with MySQL and have some problem. I`m just creating a simple script to accept login details from index.php and transfer them to login.php via POST. 1st part went smooth. For 2nd part, login.php I`m having some problem. I tried google and change the variable names too but the result was same. I kept getting error: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\wamp\www\login.php on line 10 My login.php is here: <?php Rating: 5

[soft2050]

mysql_fetch_array - Returns an array that corresponds to the fetched row and moves the internal data pointer ahead.
http://php.net/manual/en/function.mysql-fetch-array.php

Use mysql_num_rows to check whether the query returned any results or not:
http://php.net/manual/en/function.mysql-num-rows.php

PHP Code: 

<?php

if (isset($_POST["boxuser"]) and isset($_POST["boxpass"])) { // use checks to prevent from direct page access

$con= mysql_connect("localhost","usermaster","") or die (mysql_error());
$cName= mysql_real_escape_string($_POST["boxuser"]); // prevent mysql injections
$cPass= mysql_real_escape_string($_POST["boxpass"]); // prevent mysql injections
mysql_select_db("mynewdb");
//$query = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM mytable WHERE uname=$cName and upass=$cPass";
$result = mysql_query($query);
$row = mysql_num_rows($result);

if ($row > 0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();

} else {

    die('RETRY AGAIN FROM THE LOGIN PAGE');

}

?>

Use php's mysql_real_escape_string to prevent from mysql injections attacks - http://www.php.net/manual/en/functio...ape-string.php

[nEw_boY]

Its the same error as before. Is there any problem with my config ?
Anything you can guess ?

[soft2050]

Ahh f**k! Yeah its similar
You need to also specify the connection in mysql query

Try this! Should work:

PHP Code: 

<?php

if (isset($_POST["boxuser"]) and isset($_POST["boxpass"])) { // use checks to prevent from direct page access

$con= mysql_connect("localhost","usermaster","") or die (mysql_error());
$cName= mysql_real_escape_string($_POST["boxuser"]); // prevent mysql injections
$cPass= mysql_real_escape_string($_POST["boxpass"]); // prevent mysql injections
mysql_select_db("mynewdb", $con);
//$query = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM mytable WHERE uname=$cName and upass=$cPass";
$result = mysql_query($query, $con);
$row = mysql_num_rows($result);

if ($row > 0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();

} else {

    die('RETRY AGAIN FROM THE LOGIN PAGE');

}

?>

Also fixed for mysql_select_db which also requires connection to be specified

[nEw_boY]

Nope, its the same.
I tried to fix it for almost 12 hrs yesterday but it aint worked.
Let me grab some tutorial script and confirm that my config is okay.

Fix it meanwhile, if anything seems wrong.
Edit:
My connection is doing good, tried pre-made script, can someone point out the error please ?

[soft2050]

Found it and tested too! it does works now

PHP Code: 

<?php

if (isset($_POST["boxuser"]) and isset($_POST["boxpass"])) { // use checks to prevent from direct page access

$con= mysql_connect("localhost","usermaster","") or die (mysql_error());
$cName= mysql_real_escape_string($_POST["boxuser"]); // prevent mysql injections
$cPass= mysql_real_escape_string($_POST["boxpass"]); // prevent mysql injections
mysql_select_db("mynewdb", $con);
//$query = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM mytable WHERE uname='$cName' and upass='$cPass'";
$result = mysql_query($query, $con);
$row = mysql_num_rows($result);

if ($row > 0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();

} else {

    die('RETRY AGAIN FROM THE LOGIN PAGE');

}

?>

The problem was in sql query where the value to check was directly given which was making query take it as unique column.

[nEw_boY]

I still have the same problem.
I even tried just plain SELECT * from mytable but it isnt working. fetch_array or num_rows, none of them are working.

Are you sure that you tried it ? Can anyone else confirm it ?

[soft2050]

Yes i tried it. Here's my try code:

PHP Code: 

<?php

//if (isset($_POST["boxuser"]) and isset($_POST["boxpass"])) { // use checks to prevent from direct page access

$con= mysql_connect("localhost","username", "") or die (mysql_error());
$cName= 'admin'; //mysql_real_escape_string($_POST["boxuser"]); // prevent mysql injections
$cPass= 'mymd5hashedtestpass'; //mysql_real_escape_string($_POST["boxpass"]); // prevent mysql injections
mysql_select_db("dle", $con);
//$query = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM dle_users WHERE name='$cName' and password='$cPass'";
$result = mysql_query($query, $con) or die (mysql_error());
$row = mysql_num_rows($result);

if ($row > 0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();

//} else {

  //  die('RETRY AGAIN FROM THE LOGIN PAGE');

//}

?>

I only removed checks and added user & pass (md5) hash! Not sure why the code didn't works for you though

Edit: I am pretty much sure that the problem is in your query so make it output the error:

PHP Code: 

<?php

if (isset($_POST["boxuser"]) and isset($_POST["boxpass"])) { // use checks to prevent from direct page access

$con= mysql_connect("localhost","usermaster","") or die (mysql_error());
$cName= mysql_real_escape_string($_POST["boxuser"]); // prevent mysql injections
$cPass= mysql_real_escape_string($_POST["boxpass"]); // prevent mysql injections
mysql_select_db("mynewdb", $con);
//$query = "select * from mytable where uname=".$cName."and upass=".$cPass;
$query = "SELECT * FROM mytable WHERE uname='$cName' and upass='$cPass'";
$result = mysql_query($query, $con) or die (mysql_error());
$row = mysql_num_rows($result);

if ($row > 0)
{
    echo "Login successful.";
}
else
{
    echo "Login failed.";
}
mysql_close();

} else {

    die('RETRY AGAIN FROM THE LOGIN PAGE');

}

?>

[nEw_boY]

Oh man, I cant thank you in words...
You really solved it.

The query returned false error that PHP considered as Boolean, your last code was right but I forgot to update the column names of my database. Its done, solved.

Tons of love to you, brother.
Solved.