Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given line 38

Question

dineshsurve 0 Newbie Poster

13 Years Ago

<?php
require_once('config.php');

$ID=$_SESSION;
$UserID=$_SESSION;
$tbl_name = "tbl_users";
//To check Data Insersion

$Curr_Password=$_POST;
//echo $Curr_Password;
$new_Password=$_POST;

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
mysql_select_db(DB_DATABASE, $link) or die( "Unable to select database");

$query="UPDATE $tbl_name SET Password = '".$new_Password."' WHERE Password='".$Curr_Password."' and id=$ID and Status=1";
echo $query;

$result=mysql_query($query,$link);

if(mysql_num_rows($result) ==1) //line no 38.
{
echo $UserID. ' , Your Password has Changed Successfully. <a href="WelcomeUser.php?PT=0">Back</a>';
}
else
{
echo 'Your Current Password is Wrong. Please Enter correct Password . <a href="ChangePassword.php">Back</a>';
}

mysql_close();
?>

mysql php

5 Contributors
5 Replies
267 Views
2 Weeks Discussion Span
Latest Post 13 Years Ago Latest Post by vibhaJ

blocblue 238 Posting Pro in Training

13 Years Ago

The mysql_query function returns false in the event of an error - usually as a result of an error with your query.

Try echoing out the query and run it in phpmyadmin or on the command line to check it works. Alternatively, use the mysql_error function to display the error.

R.

blocblue 238 Posting Pro in Training

13 Years Ago

Oh, and please make sure you sanitise input coming from the user, in this case $_POST before including it in SQL queries to prevent SQL injection attacks. And it's good practice to hash or encrypt passwords in the database for additional security.

R.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

SRocks 0 Newbie Poster · Answer 1 · 2011-05-16T01:54:12+00:00

Update query does not return any database row...So you should have checked for T/F value instead of
(mysql_num_rows($result) ==1)
//this statement is valid only if your query returning database row..

karthik_ppts 81 Posting Pro · Answer 2 · 2011-05-16T10:15:12+00:00

Yes as SRocks said update query does not return any database row. So just replace the following line 38

$result=mysql_query($query,$link);


if(mysql_num_rows($result) ==1) //line no 38.
{
echo $UserID. ' , Your Password has Changed Successfully. <a href="WelcomeUser.php?PT=0">Back</a>';
}

with

$result=mysql_query($query,$link);


if($result) //line no 38.
{
echo $UserID. ' , Your Password has Changed Successfully. <a href="WelcomeUser.php?PT=0">Back</a>';
}

vibhaJ 126 Master Poster · Answer 3 · 2011-05-16T12:14:24+00:00

Try this code

$query="UPDATE $tbl_name SET Password = '".$new_Password."' WHERE Password='".$Curr_Password."' and id=$ID and Status=1";
	$result = mysql_query($query) or die('Error : '.mysql_error());

	if(mysql_affected_rows()) 
	{
		echo 'Successfully Updated';
	}
	else
	{
		echo 'Not Updated';
	}