Script Error Login.php

[isaacboy2000]

Hey Guys i have this error can anyone help me?

Found This today:

Quote

 

 

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\Metin2Medevil\inc\head.inc.php on line 14

Quote

 

login.php

<div class="content_top"><h2>Login</h2></div>

<div class="content_main">

<div class="con-wrapper">

<?PHP

  if(isset($_POST['submit2'])) 

  {

    if(!empty($_POST['userid2']) && !empty($_POST['userpass2']) && checkAnum($_POST['userid2']) && checkAnum($_POST['userpass2'])) 

    {

      $sqlCmd = "SELECT id,login,coins,web_admin,email 

      FROM account.account 

      WHERE login 

      LIKE '".mysql_real_escape_string($_POST['userid2'])."' 

      AND password=PASSWORD('".mysql_real_escape_string($_POST['userpass2'])."') 

      LIMIT 1";

      $sqlQry = mysql_query($sqlCmd,$sqlServ);

   if(mysql_num_rows($sqlQry)>0) 

 

      {

        $getAdmin = mysql_fetch_object($sqlQry);

        $_SESSION['user_id'] = $getAdmin->id;

        $_SESSION['user_name'] = $getAdmin->login;

        $_SESSION['user_admin'] = $getAdmin->web_admin;

        $_SESSION['user_coins'] = $getAdmin->coins;

        $_SESSION['user_email'] = $getAdmin->email;

        $updateIP = mysql_query("UPDATE account.account SET web_ip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."' WHERE id='".mysql_real_escape_string($getAdmin->id)."'",$sqlServ);

        

      }

    }

  }

  if(isset($_GET['do']) && $_GET['do']=="aktivieren" && isset($_GET['hash']) && !empty($_GET['hash'])) {

    if(strlen($_GET['hash'])==32 && $_GET['hash']!=1 && checkAnum($_GET['hash'])) {

      $cmdHash = "SELECT id,web_aktiviert FROM account.account WHERE web_aktiviert='".$_GET['hash']."' AND web_aktiviert!='1' LIMIT 1;";

      $qryHash = mysql_query($cmdHash,$sqlServ);

      

      if(mysql_num_rows($qryHash)) {

      

        $getData = mysql_fetch_object($qryHash);

        $userUpdate = "UPDATE account.account SET web_aktiviert='1',status='OK' WHERE id='".$getData->id."' LIMIT 1;";

        $updateQry = mysql_query($userUpdate,$sqlServ);

        

        if($updateQry) {

          echo'<p class="meldung">Your account has been successfully activated . You can log in now .</p>';

          echo'<meta http-equiv="refresh" content="1; URL=index.php?s=login"> ';

        }

        else {

          echo'<p class="meldung">Query failed. Please contact an admin !</p>';

        }

        

      }

      else {

        echo'<p class="meldung">There was no match found . activation Failed.</p>';

      }

      

    }

    else {

      echo'<p class="meldung">No valid hash!</p>';

    }

  }

 

  if(!empty($_SESSION['user_id'])) 

  {

    echo'<div style="float:left;margin-left:30px;">';

    echo'<ul class="menue">';

    if($_SESSION['user_admin']>0) {

      echo'<li><a href="index.php?s=admin">Admin Panel</a></li>';

    }

    if($_SESSION['user_admin']>=0) {

      echo'<li><a href="index.php?s=itemshop">Itemhop</a></li>';

      echo'<li><a href="index.php?s=spenden">Donate</a></li>';

      echo'<li><a href="index.php?s=charaktere">Character</a></li>';

      echo'<li><a href="index.php?s=passwort">Data Editing</a></li>';

    }

    echo'</div>';

    echo'<div style="float:right;margin-right:30px;">';

    

    $cmdStats = "SELECT SUM( player.playtime ) AS ges_spielzeit, COUNT( * ) AS ges_chars, player_index.empire

    FROM player.player

    INNER JOIN player.player_index ON player_index.id = player.account_id

    WHERE player.account_id = '".$_SESSION['user_id']."'

    LIMIT 1";

    

    $qryStats = mysql_query($cmdStats,$sqlServ);

    $getStats = mysql_fetch_object($qryStats);

    

    if(!empty($getStats->empire)) {

      $reich = '<img src="img/reiche/'.$getStats->empire.'.png" title="Reich" alt="Reich"/>';

    }

    else {

      $reich='No Empire Picked';

    }

    

    

    echo'<table>

      <tr>

        <th class="topLine">Account:</th>

        <td class="tdunkel">'.$_SESSION['user_name'].'</td>

      </tr>

      <tr>

        <th class="topLine">Reich:</th>

        <td class="thell">'.$reich.'</td>

      </tr>

      <tr>

        <th class="topLine">Charaktere:</th>

        <td class="tdunkel">'.$getStats->ges_chars.'</td>

      </tr>

      <tr>

        <th class="topLine">Gesamte Spielzeit:</th>

        <td class="thell">'.$getStats->ges_spielzeit.' Minuten</td>

      </tr>';

    $sqlAcc = "SELECT account.social_id AS loeschcode, safebox.password AS lagerpw

    FROM account.account 

    LEFT JOIN player.safebox 

    ON account.id=safebox.account_id 

    WHERE account.id='".$_SESSION['user_id']."'";

 

    $qryAcc = mysql_query($sqlAcc) or die(mysql_error());

    $getAcc = mysql_fetch_object($qryAcc);

    

    if(empty($getAcc->lagerpw)) $getAcc->lagerpw = '000000';

      

      echo'<tr>

        <th class="topLine">Delete Code:</th>

        <td class="tdunkel">'.$getAcc->loeschcode.'</td>

      </tr>

    </table>';

    

    echo'</div><div class="clear"></div>';

  }

  else 

  {

  ?>

<form action="index.php?s=login" method="POST">

  <table>

    <tr>

      <th class="topLine">User ID:</th>

      <td class="tdunkel"><input type="text" name="userid2" maxlength="16" size="20"/></td>

    </tr>

    <tr>

      <th class="topLine">Password:</th>

      <td class="thell"><input type="password" name="userpass2" maxlength="16" size="20"/></td>

    </tr>

    <tr>

      <td class="topLine" style="text-align:center;" colspan="2"><input type="submit" name="submit2" value="login"/></td>

    </tr>

  </table>

  <p><a href="index.php?s=register">Register</a> • <a href="index.php?s=lostpw">Forgot Password?</a></p>

</form>

  <?PHP

  }

  ?>

</div>

</div>

 

<div class="content_footer"></div>  

[Ryukend]

In The line 16 replaces this:

  if(mysql_num_rows($sqlQry)>0)

For this:

   if(mysql_num_rows($sqlQry)>1)

And test.

 

 

If you still can not change it so it works:

 

 

   if(mysql_num_rows($sqlQry)) 

[isaacboy2000]

thx its fixed now