Chapter 11 - Username And Password Not Working

[Andrew]

I am trying to get the login.php script in Chapter 11 to recognize the email and password I enter in on the login_page.inc.php script. Right now I keep getting the same error message:

 

 

( ! ) Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\wamp\www\inc\login_functions.inc.php on line 59

Call Stack

# Time Memory Function Location

1 0.0004 679648 {main}( ) ..\login.php:0

2 0.0035 705656 check_login( ) ..\login.php:16

3 0.0038 706576 mysqli_num_rows ( ) ..\login_functions.inc.php:59

 

 

 

I made sure each line of code was correct (as so I think) according to the scripts printed in the book. I went back and read about the error and debugged steps and echoed the variables to the browser. I know that the $email ='', $password = '') variables are correct because they echo out what I entered in the login_page.inc.php.

Also, I manually entered in the query into the MYSQL console and confirmed that it query is correct, it is. Now I have no clue as to what could be triggering the error message show above.

The login_functions.inc.php script I am using is shown below:

 

 

 

 

 

 

function absolute_url ($page = 'index2.php') {

//State defining the URL...

//URL is http:// plus the host name plus the current directory:

$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);

 

//Remove any triling slashes:

$url = rtrim($url, '/\\');

 

//Add the page

$url .= '/' . $page;

 

//Return the URL:

return $url;

} // End of absoulte_url() function.

 

/* This function validates the form data (the email address and password).

 

*If both are present, the database is queried.

 

*The function requires a database connection.

 

*the function returns an array of information, including:

 

* - a TRUE/FALSE variable indicating success

 

* - an array of either errors or the database result

 

*/

 

function check_login($dbc, $email = '', $password = ''){

$errors = array(); // Initialize error array.

 

//Validate the email address:

if (empty($email)) {

$errors[] = 'You forgot to enter your email address.';

} else {

$e = mysqli_real_escape_string($dbc, trim($email));

}

//Validate the password:

if (empty($password)) {

$errors[] = 'You forgot to enter your password.';

} else {

$p = mysqli_real_escape_string($dbc, trim($password));

}

 

if (empty($errors)) { //If everything's OK.

//Retrieve the user_id and firstname for that email/password combination:

$q = "SELECT user_id, firstname, FROM users WHERE email='$e' AND password=SHA1('$p')";

$r = @mysqli_query($dbc, $q); //Run the query.

 

//Check the result:

if (mysqli_num_rows($r) == 1) {

//Fetch the record:

$row = mysqli_fetch_array($r, MYSQLI_ASSOC);

//Return true and the record:

return array(true, $row);

} else { //Not a match!

$errors[] = 'The email address and password entered do not match those on file.';

}

} // End of empty($errors) IF.

//Return false and the errors:

return array(false, $errors);

} // End of check_login() function.

?>

[Jonathon]

Hi Andrew,

 

This line:

 

$q = "SELECT user_id, firstname, FROM users WHERE email='$e' AND password=SHA1('$p')";

 

should possibly be:

 

$q = "SELECT user_id, firstname FROM users WHERE email='$e' AND password=SHA1('$p')";

 

Let me know how you get on and i'll lokk in more detail as I only gave it a quick once over