how to resolve error in login page

Question

I am new in PHP coding, I'm trying to make a login page but I got an error which I dont understand.

login.php

<html>
<body>

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="login_dash.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>User Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>

login_dash.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

</head>
<body>
<?php
//var_dump($_POST);
// Grab User submitted information
$user = $_POST["myusername"];
$pass = $_POST["mypassword"];

// Connect to the database
$con = mysql_connect("localhost","root","","jj");
// Make sure we connected succesfully
if(! $con)
{
    die('Connection Failed'.mysql_error());
}

// Select the database to use
mysql_select_db("jj",$con);

$result = mysql_query("SELECT myusername, mypassword FROM login WHERE myusername = $user");
var_dump($result);
$row = mysql_fetch_array($result,$con);

if($row["myusername"]==$user && $row["mypassword"]==$pass)
    echo"You are a validated user.";
else
    echo"Sorry, your credentials are not valid, Please try again.";
?>
</body>
</html>

I got following error which I couldint uderstand

Error:

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\SRK\login_dash.php on line 27

Should be `SELECT myusername, mypassword FROM login WHERE myusername = '$user'` (_See the single quotes ?_) — Shankar Narayana Damodaran, Apr 07 '14 at 11:28
Do yourself a favour and don't write new code using the `mysql_*` functions. They are becoming deprecated and will be removed in future PHP versions. Your code will stop working then. Use `mysqli_*` or PDO objects instead. — Gerald Schneider, Apr 07 '14 at 11:30
Junaid, I strongly advise you to look for a different/newer tutorial, which is written with mysqli or PDO - just add those keywords to your search terms in google. — d.abyss, Apr 07 '14 at 11:33
possible duplicate of [mysql\_fetch\_array() expects parameter 1 to be resource, boolean given in select](http://stackoverflow.com/questions/2973202/mysql-fetch-array-expects-parameter-1-to-be-resource-boolean-given-in-select) — John Conde, Apr 08 '14 at 02:54

score 1 · Answer 1 · edited Apr 07 '14 at 11:35

1

This is because your query failed to execute because the username is not enclosed within quotes.

$result = mysql_query("SELECT myusername, mypassword FROM login WHERE myusername = '$user'");

This (mysql_*) extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, Prepared Statements of MySQLi or PDO_MySQL extension should be used to ward off SQL Injection attacks !

edited Apr 07 '14 at 11:35

Shankar Narayana Damodaran

68,075
43
96
126

answered Apr 07 '14 at 11:29

Jenz

8,280
7
44
77

score 1 · Accepted Answer · edited Jun 27 '14 at 13:32

1

This error is because the query returns false so something is wrong. Try

$result = mysql_query("SELECT myusername, mypassword FROM login WHERE myusername = '$user'");

And mysql functions are deprecated in PHP 5.5 you should use PDO or mysqli

edited Jun 27 '14 at 13:32

BenMorel

34,448
50
182
322

answered Apr 07 '14 at 11:30

gbestard

1,177
13
29

score 0 · Answer 3 · answered Apr 07 '14 at 11:40

0

In any case you must check

if (null != $rseult && 0 != count(result)) {
    $row = mysql_fetch_array($result,$con);
 }

answered Apr 07 '14 at 11:40

Hayk Manasyan

508
2
20

score 0 · Answer 4 · answered Apr 07 '14 at 11:56

0

How about to do it like this?

$query = "SELECT myusername, mypassword FROM login WHERE myusername = '$user' AND mypassword =  '$pass' ";
$result_set = mysql_query($query);
if (mysql_num_rows($result_set) == 1) {

// your code here - basically LOGGED IN
}

else {
// NOT logged in
}

Cheers, Martin

answered Apr 07 '14 at 11:56

HyperT

23
6

And another thing is, that i cant see encryption of pass in your code - you have to compare encrypted with encrypted. – HyperT Apr 07 '14 at 11:58

how to resolve error in login page

4 Answers4