mysql_num_rows() not working at all

Question

I have this piece of PHP code:

<?php
$username=$_POST['username'];
$password=$_POST['password'];

if($username&&$password){
$connect=mysql_connect("localhost","root","") or die(" Couldnt connect");
mysql_select_db("phplogin") or die ("Can't find database" .mysql_error());  
$query=mysql_query("SELECT * users WHERE username='$username' ");
$numrows=mysql_num_rows($query);
if (!$query) {
die('Invalid query: ' . mysql_error());
}
}
else
die ("Enter username and password!") .mysql_error();
?>

However, when I try to run this code I get these errors:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\PHP testing\login.php on line 9

and

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'users WHERE username='alex'' at line 1

Can someone explain to me what I'm I doing wrong here?

^Johan he(Mentalhead) is here on SO to learn by mistakes so you can comment your view without -1. — Vishwanath Dalvi
– Vishwanath Dalvi, Commented Jun 4, 2011 at 17:30
@Johan if he knew what are you writing about he wouldn't ask about... mysql_num_rows() :D — biesior
– biesior, Commented Oct 5, 2012 at 15:36

Headshota · Accepted Answer · 2011-06-04 07:55:54Z

5

You must specify a table from which you're selecting with FROM keyword:

$query=mysql_query("SELECT * FROM users WHERE username='$username' ");
$numrows=mysql_num_rows($query);

answered Jun 4, 2011 at 7:55

Headshota

21.4k13 gold badges63 silver badges82 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

Mentalhead Over a year ago

You're right, I completely missed the FROM keyword, thanks a lot!

bumperbox · Accepted Answer · 2011-06-04 07:58:11Z

5

you should really check for errors after your query, then the system will tell you what is wrong

$query = mysql_query("SELECT * users WHERE username='$username' ");

if (mysql_error() {
   die(mysql_error());
}

$numrows = mysql_num_rows($query);

as @mike commented, your select query is missing the from bit

"SELECT * FROM users WHERE username='$username' "

answered Jun 4, 2011 at 7:58

bumperbox

10.2k6 gold badges46 silver badges66 bronze badges

Comments

Community · Accepted Answer · 2017-05-23 10:00:07Z

4

Well Your code is vulnerable to SQL Injection Attack

$username=$_POST['username'];
$password=$_POST['password'];

instead of above use this code 

$username= mysql_real_escape_string($_POST['username']);
$password=mysql_real_escape_string($_POST['password']);

edited May 23, 2017 at 10:00

CommunityBot

11 silver badge

answered Jun 4, 2011 at 8:08

Vishwanath Dalvi

36.9k41 gold badges128 silver badges156 bronze badges

1 Comment

Mentalhead Over a year ago

I know it's vulnerable, it's just for testing and learning purposes, but thanks for this security tip.

andrewsi · Accepted Answer · 2012-09-24 19:09:14Z

1

$connect = mysql_connect("localhost","root","") or die("Couldn't connect!");
mysql_select_db("phplogin") or die("Couldn't find db");
$result = mysql_query("SELECT * FROM admin", $connect);
$numrows = mysql_num_rows($result);

and it will evaluate resource

edited Sep 24, 2012 at 19:09

andrewsi

10.7k132 gold badges37 silver badges52 bronze badges

answered Aug 31, 2012 at 19:24

ankit chouksey

111 bronze badge

Comments

Sujit Agarwal · Accepted Answer · 2011-06-04 08:01:13Z

0

$query = mysql_query("SELECT * users WHERE username='$username' ");
if (mysql_error() {
   die(mysql_error());
}
$numberOfRows = mysql_num_rows($query);
echo $numberOfRows;

answered Jun 4, 2011 at 8:01

Sujit Agarwal

12.5k11 gold badges50 silver badges79 bronze badges

Collectives™ on Stack Overflow

mysql_num_rows() not working at all

5 Answers 5

1 Comment

Comments

1 Comment

Comments

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

5 Answers 5

1 Comment

Comments

1 Comment

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Related