-3

i have this error mentioned in the title with this code:

    <?php  session_start(); 
       ob_start();

                include("connection.php");

                $username = $_POST['username'];
                $password = $_POST['password'];

                $query = mysql_query("SELECT * FROM users WHERE user_username = '$username' AND user_password = '$password'",$conn)
                or die($query. "<br/><br/>".mysql_error());

                if($query = mysql_affected_rows() > 0) {
                    $record = mysql_fetch_assoc($query);
                    $validuser = $row['username'];
                    $_SESSION['valid'] = $validuser;
                    if(isset($_SESSION['valid']))
                    {
                        header('Location:  index.php');         
                    }
                    } else { ?>
                        <script>alert('Username not registered.')
                        </script>
<?php
                   }
                    exit();

?>

this is my web assignment and im a newbie in php. please need help.

DeadLuck
  • 59
  • 1
  • 1
  • 10

3 Answers3

2

You have the following in your code:

if($query = mysql_affected_rows() > 0) {

mysql_affected_rows() returns the number of affected rows. If it's greater than 0, then $query will be TRUE, and if not, it will be FALSE. The value of $query will always be a boolean value.

mysql_fetch_assoc() expects a MySQL resource as it's parameter but you'll be passing a boolean value instead. That's the cause of the error.

From the documentation for mysql_affected_rows():

Get the number of affected rows by the last INSERT, UPDATE, REPLACE or DELETE query associated with link_identifier.

Another thing is that you're running a SELECT statement, you probably want mysql_num_rows() instead.

Normally, your if statement should look like:

if(mysql_num_rows($query) > 0) {
    # code ...
}

You can adjust it with your code as follows:

$num = mysql_num_rows($query);

if($num > 0) 
{
    while ($record = mysql_fetch_assoc($query)) 
    {
        $validuser = $row['username'];
        $_SESSION['valid'] = $validuser;
        if(isset($_SESSION['valid']))
        {
            header('Location:  index.php');         
        }
    }
}
else 
{
    # else block ...
}

Also, note that mysql_ functions are deprecated and are soon to be removed. You should switch to MySQLi or PDO and start using parameterized queries to be safe.

Amal Murali
  • 73,160
  • 18
  • 123
  • 143
0

In this loop:

if($query = mysql_affected_rows() > 0)

You are assigning $query to the result of the expression. So $query will either be True or False.

Then in the loop, you are doing:

$record = mysql_fetch_assoc($query);

This is where the error gets triggered, since now $query is no longer the result of the mysql_query method.

To fix this, change your if condition:

if(mysql_affected_rows() > 0)

You should also upgrade your code because the old mysql_* functions will be removed from PHP.

Burhan Khalid
  • 161,711
  • 18
  • 231
  • 272
  • In PHP, the mysql_query call executes the query immediately (its not set to a transaction that needs to be committed). You are right about the second point though; which should be another question from the OP (eventually). – Burhan Khalid Oct 20 '13 at 08:03
0

change this code :

if($query = mysql_affected_rows() > 0) {
                    $record = mysql_fetch_assoc($query);
                    $validuser = $row['username'];

to this :

 if(mysql_num_rows($query) > 0) {
                $record = mysql_fetch_assoc($query);
                $validuser = $record['username'];
Aditya Vikas Devarapalli
  • 2,691
  • 2
  • 30
  • 48