Reputation: 193
sqlsrv_num_rows() expects parameter 1 to be resource
I get a error --> sqlsrv_num_rows() expects parameter 1 to be resource
Can anyone figure out whats wrong with the coding, ive been trying for 3 hours now
Thanks in advance :)
<?php
include("config.php");
username and password sent from form
$myusername=htmlspecialchars($_POST[username]);
$mypassword=htmlspecialchars($_POST[password]);
$sql="SELECT * FROM Login WHERE Username=$myusername and
Password=$mypassword";
$result=sqlsrv_query($conn,$sql);
$count=sqlsrv_num_rows($result);
if($count==1){
header("location: something");
}
else {
echo "Wrong Username or Password";
}
?>
CONFIG.PHP
<?php
$serverName = '';
$uid = '';
$pwd = '';
$databaseName = '';
$connectionInfo = array( "UID"=>$uid,
"PWD"=>$pwd,
"Database"=>$databaseName);
$conn = sqlsrv_connect( $serverName, $connectionInfo);
if( $conn ) {
echo "Connection established.<br />";
}else{
echo "Connection could not be established.<br />";
}
?>
Upvotes: 0
Views: 2481
Answers (2)
Reputation: 1
I have notice 2 things here:
1) You have a typo at line 4, I think you missed the comment markup
instead of:
username and password sent from form
you mean:
// username and password sent from form
2) Mayank already anwsered that second issue. You have another typo at SQL Query and the $result variable is returning FALSE instead of a statement resource
You could verify that checking if $result is equal to FALSE, and furthermore print some error for the user, like this:
if( $result === false ) {
die( print_r( sqlsrv_errors(), true));
}
Check this link for more information.
Finally mind what Mayank said about SQL injection.
Upvotes: 0
Reputation: 26258
sqlsrv_num_rows() expects parameter 1 to be resource
The issue is $result is false and it is because of:
$sql="SELECT * FROM Login WHERE Username=$myusername and
Password=$mypassword";
here Username and Password are strings and you to compare with string you have to wrap the values in ' singe quotes like:
$sql="SELECT * FROM Login WHERE Username='".$myusername."' and
Password='".$mypassword."'";
Note: Your query is vulnerable to sql injections
Upvotes: 1
Related Questions
- sqlsrv_num_rows() expects parameter 1 to be resource, boolean given
- sqlsrv_query() expects parameter 1
- sqlsrv_fetch_array() expects parameter 1 to be resource, boolean given
- sqlsrv_fetch_array() expects parameter 1 to be resource
- PHP 'sqlsrv_query' null in resource
- PHP with sqlsrv_num_rows
- mysql_num_rows() expects parameter 1 to be resource, string given
- sqlsrv_num_rows Not Returning Any Value
- SQLSRV_NUM_ROWS error
- Why does this keep returning PHP ERROR Warning: mysql_num_rows() expects parameter 1 to be resource