Android: Error on user login using php

Question

I am creating an app that allows a user to register and log in that utilizes php to connect to the database and mysql to store users information. Although i have a problem that i can't seem to figure out.

This is the php script DB_Functions.php

<?php 
class DB_Functions 
{

private $db;

//put your code here
// constructor
function __construct() 
{
    require_once 'DB_Connect.php';
    // connecting to database
    $this->db = new DB_Connect();
    $this->db->connect();
}

// destructor
function __destruct() 
{

}

/**
 * Storing new user
 * returns user details
 */
public function storeUser($name, $email, $password) 
{
    $uuid = uniqid('', true);
    $hash = $this->hashSSHA($password);
    $encrypted_password = $hash["encrypted"]; // encrypted password
    $salt = $hash["salt"]; // salt
    $result = "INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())";
    // check for successful store
    if ($result) 
    {
        // get user details 
        $uid = mysqli_insert_id($result); // last inserted id
        $result = ("SELECT * FROM users WHERE uid = $uid");
        // return user details
        return mysqli_fetch_array($result);
    }
}

/**
 * THE PROBLEM IS HERE!
 * Get user by email and password
 */
public function getUserByEmailAndPassword($email, $password) 
{
    $result = ("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());
    // check for result 
    $no_of_rows = mysql_num_rows($result);
    if ($no_of_rows > 0) 
    {
        //user not found
        return false;
    }
    else 
    {
        $result = mysql_fetch_array($result);
        $salt = $result['salt'];
        $encrypted_password = $result['encrypted_password'];
        $hash = $this->checkhashSSHA($salt, $password);
        // check for password equality
        if ($encrypted_password == $hash) 
        {
            // user authentication details are correct
            return $result;
        }
    }
}

/**
 * Check user is existed or not
 */
public function isUserExisted($email) 
{
    $result = ("SELECT email from users WHERE email = '$email'");
    $no_of_rows = mysql_num_rows($result);
    if ($no_of_rows > 0) 
    {
        // user existed 
        return true;
    } 
    else 
    {   
        // user not existed
        return false;
    }
}

/**
 * Encrypting password
 * @param password
 * returns salt and encrypted password
 */
public function hashSSHA($password) 
{
    $salt = sha1(rand());
    $salt = substr($salt, 0, 10);
    $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
    $hash = array("salt" => $salt, "encrypted" => $encrypted);
    return $hash;
}

/**
 * Decrypting password
 * @param salt, password
 * returns hash string
 */
public function checkhashSSHA($salt, $password) 
{
    $hash = base64_encode(sha1($password . $salt, true) . $salt);
    return $hash;
}
}
?>

This is the error that I am getting, I cannot seem to figure out what to add.

Warning: mysql_num_rows() expects parameter 1 to be resource, string given in /home/bf13/13421254/public_html/android_login_api/include/DB_Functions.php on line 53

Warning: mysql_fetch_array() expects parameter 1 to be resource, string given in /home/bf13/13421254/public_html/android_login_api/include/DB_Functions.php on line 61
{"tag":"login","error":true,"error_msg":"Incorrect email or password!"}

Answer 1

$result = "INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())";
    // check for successful store
    if ($result)

You're not actually querying, maybe:

$result = mysql_query("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())");
    // check for successful store
    if ($result)