Mysql_num_rows() expects parameter 1 to be resource, boolean given

xoxcollxox · May 30, 2017, 3:16pm

I am fairly new to all of this, so hopefully this makes sense!
I am trying to create a reset password link for my website so users ca change the password if forgotten.

Dormilich · May 30, 2017, 3:32pm

the usual reason … your query fails.

xoxcollxox · May 30, 2017, 3:38pm

how to fix it?

SamA74 · May 30, 2017, 4:06pm

For a start, I would start using a database API that still exists, rather than one that has been removed from the current versions of php.
But aside from that, there is so much wrong with you script it’s too much to mention.

Since you are new to this, I recommend learning all over again, but from some up-to-date sources that account for things like current database APIs (mysqli or PDO), database security (SQL injection), html semantics and form accessibility.

mlukac89 · May 30, 2017, 4:53pm

It will be good to post your code for a start to see where is problem ?

SamA74 · May 30, 2017, 4:55pm

It was there, but has subsequently been edited out for some reason.

mlukac89 · May 30, 2017, 7:38pm

And hes uses outdated mysql functions.

Here is a example script with mysqli

<?php

// mysqli connection
$conn = mysqli_connect("host", "username", "password", "database_name");

// form submit
if (isset($_POST['submit'])) {
	// create hash for password reset link
	$hash = bin2hex(openssl_random_pseudo_bytes(32));
	
	// check if email field is not empty
	if (isset($_POST['email'])) {

		$email = trim(mysqli_real_escape_string($conn, $_POST['email']));

		// check if email exists
		$query = mysqli_query("SELECT COUNT(email) FROM users WHERE email = '$email'");
		
		if (mysqli_num_rows($query) > 0) {
			// email exists
			// put hash in database where email is same as email from a form
			$query = "UPDATE users SET password_hash = '$hash' WHERE email = '$email'";

			// check if query is updated value
			if (mysqli_query($conn, $query)) {
				
				// send user a link to password reset script
				if (mail($email, "Password reset link from www.your_site.com", "Please click on a <a href='www.your_site.com/password_reset.php?pr='".$hash."'>following link</a> to reset your password.")) {
					echo "Activation link send on your email address.";
				} else {
					// if mail function fail
					echo "Email not sent, please try again.";
				}

			} else {
				echo "Invalid entry."; // don't tell user that query is fail.
			}
			
		} else {
			// invalid email, don't exists
			echo "Please enter email."; // don't tell user if email exists or not.
		}

	} else {
		echo "Please enter email.";
	}
}


?>

<form method="post" action="">
	<label for="mail">Enter your email</label>
	<input type="email" name="email" id="mail">
	<input type="submit" name="submit" value="Reset password">
</form>

system · August 30, 2017, 2:40am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.