Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\wamp\www\Bitev3\core\functions\users.php on line 10

Question

Hey everyone im am creating a login page for my website. But when i try to login in to the website I getting the following error Warning: mysql_result() expects parameter 1 to be resource, boolean given in C:\wamp\www\Bitev3\core\functions\users.php on line 10.

Any help would be greatly appreciated.

Html file

<?php
    include 'core/init.php';
    ?>


<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Index</title>

</head>
<body>
<div>
</div>
<div>

<form action='login.php' name="login" id ="login" method = "POST">
<table width=>
  <tr>
    <td><label for="Email"></label>
      Email:
      <input type="text" name="email" id="Email">
     </td>
    <td><label for="Password"></label>
      Password:

      <input type="password" name="password" id="Password">
      </td>
    <td><input type="submit" name="Login" id="Login" value="Login"></td>
  </tr>
</table>
<a href="UserRegistration.php">not registered sign up</a>
</form>
</div>

</body>
</html>

init file

<?php
session_start();
//error_reporting(0);
require '/database/connect.php';
require '/functions/general.php';
require '/functions/users.php';
$errors = array();
?>

users file

<?php
function logged_in() {
    return(isset($_SESSION['UserID'])) ? true : false; 

}

function user_exists ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT ('UserID') FROM 'users' WHERE 'Email' = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;

}

function user_active ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT ('UserID') FROM 'users' WHERE 'Email' = '$email' AND 'activated' = 1");
    return (mysql_result($query, 0) == 1) ? true : false;

}
function user_id_from_email($email){
    $email =sanitize ($email);
    return mysql_result(mysql_query("SELECT 'UserID' FROM 'users WHERE 'Email' = '$email'"), 0, 'UserID');
}
function login ($email, $password){
 $UserID = UserID_from_username($email);
 $email = sanitize ($email);
 $password = md5 ($password);

 return(mysql_result(mysql_query ("SELECT COUNT ('UserID' FROM 'users' WHERE 'Email' = '$email' AND 'Password' = '$password'"), 0) == 1) ? $UserID : false;
};
?>

general file

<?php
function sanitize($data) {
    return mysql_real_escape_string($data);

}


?>

connect file

<?php
$connect_error = 'Sorry, we\'re experiencing connection problems.';
mysql_connect('localhost','root','pass123') or die ($connect_error);
mysql_select_db('bitev2') or die ($connect_error);
?>

Login file

<?php
include 'core/init.php';



if (empty ($_POST) === false) {
    $email = $_POST ['email'];
    $password = $_POST['password'];

    if (empty($email) === true || empty ($password) === true) {
        $errors[] ='you need to enter a email and password';
    } else if (user_exists($email)=== false) { 
        $errors[] ='We cant find that email';
    } else if (user_active($email) === false) {
        $errors[] ='you havent activated your account';
    } else {
        $login = login ($email, $password);
        if ($login === false){
            $errors[] ='That email password combination is incorrect';
        }else{
            $_SESSION['UserID'] =$login;
            header ('Location: index.php');
            exit();
        }
    }
    print_r($errors);
}
?>

Answer 1

Use bacticks ` & not single quotes for table name or column name.

SELECT COUNT(`UserID`) FROM `users` WHERE `Email` = '$email'"

Note: Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO, or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

Answer 2

The error is indicating that the query you ran failed, giving a value of FALSE (Boolean).

This code: return mysql_result(mysql_query("SELECT 'UserID' FROM 'users WHERE 'Email' = '$email'"), 0, 'UserID');

There is a missing quote around 'users' which would be throwing the exception. You can leave the quotes out from the UserID, users, and Email. Make sure the the cases are correct too, so that the Email field is not actually email and so on.

You should also be using the mysqli_ commandset instead of mysql_ which is deprecated.

Answer 3

Your MySQL Query syntax is Wrong...

Use backticks..

<?php
function logged_in() {
    return(isset($_SESSION['UserID'])) ? true : false; 

}

function user_exists ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT (`UserID`) FROM `users` WHERE `Email` = '$email'");
    return (mysql_result($query, 0) == 1) ? true : false;

}

function user_active ($email) {
    $email = sanitize ($email);
    $query = mysql_query ("SELECT COUNT (`UserID`) FROM `users` WHERE `Email` = '$email' AND 'activated' = 1");
    return (mysql_result($query, 0) == 1) ? true : false;

}
function user_id_from_email($email){
    $email =sanitize ($email);
    return mysql_result(mysql_query("SELECT `UserID` FROM `users` WHERE `Email` = '$email'"), 0, 'UserID');
}
function login ($email, $password){
 $UserID = UserID_from_username($email);
 $email = sanitize ($email);
 $password = md5 ($password);

 return(mysql_result(mysql_query ("SELECT COUNT (`UserID` FROM `users` WHERE `Email` = '$email' AND `Password` = '$password'"), 0) == 1) ? $UserID : false;
};
?>

Answer 4

do not use any quotation (' or ") in table column name and table name. you can use backtick (`) or nothing.

if you use quaternion then mysql treated this name as string not as a column name.

You need to remove quotation from table name and column name.

(e.g) like this:

mysql_query ("SELECT COUNT (UserID) FROM users WHERE Email = '$email'");