this is my code for a login system. I have a table called Users2 with the following columns: userID, prenume, nume, nicknamee, parola (which is password) and tara. What I'm trying to do is this: a user types in his username & password. clicks submit and after clicking submit he gets the message if he's connected
<form method="post">
Username:
<input type="text" name="nicknameee" placeholder="Username">
<br>
Password:
<input type="password" name="passwordd" placeholder="Password">
<br>
<input type="submit" name="Submit2" value="submit">
<br>
<?php
if (isset($_POST['Submit2'])) {
$result1 = $conn->query("SELECT nicknamee, parola FROM Users2 WHERE nicknamee='$_POST[nicknameee]' AND parola='$_POST[passwordd]' ");
if (mysql_num_rows($result1)>0){
echo "We are connected";
}
else{
echo "INCORRECT";
}
}
?>
</form>
The thing is I get this:
(the username and password form + submit button) and then: Warning: mysql_num_rows() expects parameter 1 to be resource, object given in /home/u381189183/public_html/login.php on line 30 INCORRECT
Because the result returned by the query is an object and not a resource you have to use $result1->num_rows in this case:
if (isset($_POST['Submit2'])) {
$result1 = $conn->query("SELECT nicknamee, parola FROM Users2 WHERE nicknamee='$_POST[nicknameee]' AND parola='$_POST[passwordd]' ");
if ($result1->num_rows > 0){
echo "We are connected";
}
else{
echo "INCORRECT";
}
}
Also you should switch to at least mysqli. Maybe PDO. And use prepared statements.