I am creating a new login script/members directory.
I am creating it from scratch without any frameworks (advice on this m开发者_StackOverflowatter would also be appreciated).
The situation:
// Look up the username and password in the database
$query = "SELECT admin_id, username FROM admin WHERE adminname = '$admin_user' AND password = SHA1('$admin_pass')";
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 1) {
This bit of code keeps giving me an error (the last line in particular):
Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in /home8/craighoo/public_html/employees/security/dir_admin.php on line 20
When echoing the query I get:
SELECT admin_id, adminname FROM admin WHERE adminname = 'admin' AND password = SHA1('password')
EDIT: Thanks to everyone. The problem was in my Database column names and the column names I was referencing.
Your query execution is failing. When that happens mysqli_query
returns false
(boolean value) and when is passed to mysqli_num_rows
, you get this error.
Print the query just before executing and check for correctness.
Considering that mysqli_query
returns false
on failure, and that $data is a boolean, here, I suppose there is an error occuring during the execution of your SQL query.
You could try using mysqli_error
to find out what this error is :
$data = mysqli_query($dbc, $query);
if ($data !== false) {
// Do whatever you want with $data
if (mysqli_num_rows($data) == 1) {
//
}
} else {
echo mysqli_error($dbc);
die;
}
Note : echoing the error message and dying, like I did here, is OK while developping your script ; but you should not do that in production.
Instead, in production, you should :
- Log the error to a file
- Display a nice message to the user
When you have a critical query, it's best to add a die to it like so:
mysqli_query($dbc, $query) or die('Critical error on line #'. __LINE__ .' when attempting to login ...<br>'. mysql_error());
Have you tried running that same query manually thru phpmyadmin or the console? What result do you get?
精彩评论