Cannot figure out simple admin login

PHP
1

I am trying to learn php and I cannot figure out how to get a simple login form going. I am getting this error.

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given

I have no clue what I am doing wrong. I am following the “HowTo”.

Here is my code

Index.php ( Login Form )

    <form name="form1" method="post" action="checklogin.php">
<div id="wrappermiddle">
<h2>Login</h2>
<div id="username_input">
<div id="username_inputleft"></div>
    <div id="username_inputmiddle">
    
    <input name="myusername" type="text" id="myusername" value="Email Address">
    <img id="url_user" src="./images/mailicon.png" alt="">			
    </div>
    <div id="username_inputright"></div>
    </div>

    <div id="password_input">
    <div id="password_inputleft"></div>
    <div id="password_inputmiddle">				
    <input name="mypassword" type="text" id="mypassword" value="Password">
    <img id="url_password" src="./images/passicon.png" alt="">				
    </div>
    <div id="password_inputright"></div>
    </div>

    <div id="submit">	
    <input type="image" src="./images/submit.png" name="Submit" value="Login">			
    </form>
    </div>

Check_login.php

<?php
    $host="localhost"; // Host name
    $username="MY DB USER"; // Mysql username
    $password="Password"; // Mysql password
    $db_name="MY DB Name"; // Database name
    $tbl_name="admin"; // Table name


// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
2

Standard disclaimer: mysql_ is deprecated. Use mysqli_ or PDO instead.

That said, the error tells you precisely what went wrong, if not quite how to fix it.

Note that this is a WARNING level event, and did not stop your code from executing. It’s telling you that you did something unexpected. Specifically…

$count=mysql_num_rows($result);

The error tells you that $result was a boolean, not a mysql resource as expected. Why was it a boolean?

$result=mysql_query($sql);

Well, here’s where we set $result. And it got a boolean. if we look at the [FPHP]mysql_query[/FPHP] manual page, you can see that the Return for this function, for SELECT queries, is only a boolean if it returned FALSE, which means something went wrong when it tried to execute the query.

Step 1 of Solution:

echo mysql_error();

placed directly after your call to mysql_query.

That will tell you what went wrong with the query; then step 2 willl be to step backwards and figure out why.

3

Well I got that fixed, now I am getting this error

Fatal error: Call to undefined function session_register() in checklogin.php on line 33

which is the first line of this code.

session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

EDIT:
I was able to fix it by changing it to
$_SESSION[‘login_user’]=“myusername”;

4

Yup. session_register has been removed from PHP. $_SESSION[field] is the appropriate method, along with session_start() at the top of the page.

5

session_start() should be at the top of the first script that uses the $_SESSION array, the bext place unless you’re using a custom session handler is to place it right after the opening <?php in your main index file