Cyan Hijirikawa Cyan Hijirikawa - 1 year ago 58
PHP Question

I always get this error Warning: mysqli_num_rows() expects parameter 1

Here's the code and the defined variables too.

I've been trying to make it run for the past few hours already, and I just can't get past the area at line 32.

What do you think did I miss? I'm sorry, I am just starting to learn this so I might have missed some key structuring or something.

Thank you.



function sql_entry($user,$pass,$phone,$points){

//do not touch anything beyond this part
$conn = mysqli_connect(DB_HOST,DB_USERNAME,DB_PASSWORD,DB_NAME);

//error catcher for connection failure
die("Connection failed: " . $conn->connect_error);


//grabs the time
$time = date('H:i:s');
//$time = $time->format();
$date = date('Y-m-d');
//$date = $date->format();

//clean themmmmmm!
$clean_user = mysqli_real_escape_string($conn, $user);
$clean_pass = mysqli_real_escape_string($conn, $pass);
$clean_phone = mysqli_real_escape_string($conn, $phone);
$clean_points = mysqli_real_escape_string($conn, $points);

//prepare queries
$verification = "SELECT * FROM ".DB_TBL."WHERE phone =".$clean_phone;
$verification_result = mysqli_query($conn,$verification); //run query to validate user

$count = mysqli_num_rows($verification_result); //

//error catcher for non-existing username or wrong user/pass
if($count < 1){
$account_registration = "INSERT INTO ".DB_TBL." (username,password,register_date,phone,points,notes) VALUES ('$clean_user','$clean_pass','$date','$clean_phone','$clean_points','')";
$registration_result = mysqli_query($conn,$account_registration);
return 1;
return 0;

//here's the other variables for login (all are correct, i have triple checked them already countless times)


define ("DB_HOST", "");
define ("DB_USERNAME", "root");
define ("DB_PASSWORD", "ragnarok");
define ("DB_NAME", "houseofvbi");
define ("DB_TBL", "users");




if(empty($_POST["name"])) {
$unameErr = "Username is required";
else {
$uname = clean_input($_POST["name"]);

if(empty($_POST["pass"])) {
$pwordErr = "Password is required";
else {
$pword = clean_input($_POST["pass"]);

if(empty($_POST["phone"])) {
$pwordErr = "Please input phone number";
else {
$phone = clean_input($_POST["phone"]);

if(empty($_POST["apass"])) {
$pwordErr = "Please input phone number";
else {
$points = clean_input($_POST["apass"]);

$check = sql_entry($uname,$pword,$phone,$points);

if($check == 0){

echo "<script type='text/javascript'>alert('The username is already in use.');";
echo "window.location = '#';";
echo "</script>";



echo "<script type='text/javascript'>alert('Registration is complete. You may log in in the game.');";
echo "window.location = '#';";
echo "</script>";

/* Functions */

function clean_input($login){

$login = trim($login);
$login = stripslashes($login);
$login = htmlspecialchars($login);

return $login;


Answer Source

In your query:

$verification = "SELECT * FROM ".DB_TBL."WHERE phone =".$clean_phone;

You need to add a space between TABLE NAME and WHERE as:

$verification = "SELECT * FROM ".DB_TBL." WHERE phone =".$clean_phone;

Second, don't know phone no field is string or integer if its string than you need to add single quote around phone no as:

$verification = "SELECT * FROM ".DB_TBL." WHERE phone = '$clean_phone'";
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download