Jump to content

Boolean Error

craigerjs

By craigerjs
in PHP Coding Help

 Share

Recommended Posts

craigerjs Newbie

craigerjs

Posted
Posted

Hi, I have an image uploader here and I am trying to have a user enter their password and check a box in order to submit their image.  I am having trouble validating the password.  I get this error message:

 

"Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in /home/content/68/6372768/html/submit.php on line 58"

 

From this section of the code:

 

      $query = "SELECT * FROM user_info WHERE password = SHA($user_password)";

      $data = mysqli_query($dbc, $query);

      if (mysqli_num_rows($data) == 1) {

      $valid_password = true;

      }

 

Anyone see what I am doing wrong?  The password stored in my DB is encrypted with SHA. 

 

 

<?php
  // Start the session
  require_once('startsession.php');
  // Insert the page header
  $page_title = 'Submit an Image';
  require_once('header.php');
  require_once('appvars.php');
  require_once('connectvars.php');
  // Show the navigation menu
  require_once('navmenu.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['user_id'])) {
    echo '<center><table border="0" cellspacing = "20"><tr><td>';
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    echo '</td></tr></table></center>';
    // Insert the page footer
    echo '<div class="footer">';
    require_once('footer.php');
    echo '</div>';
    exit();
  }
?>

<div class="linkrow">
<!-- end .linkrow --></div>

<div class="contentBlue960">
<img src = "/IMAGES/WEBSITE/capBlue960.jpg">


<?php
  if (isset($_POST['submit'])) {
// Connect to the DB
    $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
    // Set password to false
    $valid_password = false;  
    // Grab the id data from the POST
    $image_name = $_FILES['image_name']['name'];
    $image_name_type = $_FILES['image_name']['type'];
    $image_name_size = $_FILES['image_name']['size']; 
    $user_password = (mysqli_real_escape_string($dbc, trim($_POST['user_password'])));
    $agree = mysqli_real_escape_string($dbc, trim($_POST['agree']));
    // Grab the id data from the DB
    
    if (!isset($_GET['user_id'])) {
    $query = "SELECT user_name, password FROM user_info WHERE user_id = '" . $_SESSION['user_id'] . "'";
    }
  else {
    $query = "SELECT user_name, password FROM user_info WHERE user_id = '" . $_GET['user_id'] . "'";
    }
  $data = mysqli_query($dbc, $query);
    $user_name = $row['user_name'];
    $password = $row['password'];
    
      $query = "SELECT * FROM user_info WHERE password = SHA($user_password)";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 1) {
      $valid_password = true;
      }


// If image and password are entered
    if (!empty($user_password) && !empty($image_name)) {
// If the entered password matches the user's password
      if ($valid_password == true) {
// If the copyright is agreed to
      if (($agree) == ('checked')) {
// If the pic is valid
      if ((($image_name_type == 'image/gif') || ($image_name_type == 'image/jpeg') || ($image_name_type == 'image/pjpeg') || ($image_name_type == 'image/png'))
        && ($image_name_size > 0) && ($image_name_size <= GW_MAXFILESIZE)) {
        if ($_FILES['image_name']['error'] == 0) {
          // Move the file to the target upload folder
          $target = GW_UPLOADPATH . $image_name;
          if (move_uploaded_file($_FILES['image_name']['tmp_name'], $target)) {
            // Connect to the database
     $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
      or die('Error connecting to MySQL server.');

            // Write the data to the database
            $query = "INSERT INTO user_images VALUES (0, '$user_name', NOW(), '$image_name')";
            mysqli_query($dbc, $query);

            // Confirm success with the user
            echo '<p>Thanks for submitting an image!  Under review as soon as possible.</p>';
            echo '<p><strong>User Name:</strong> ' . $user_name . '<br />';
            echo '<img src="' . GW_UPLOADPATH . $image_name . '" alt="Submitted Image" /></p>';
            echo '<p><a href="submit.php"><< Back to submit page.</a></p>';

            // Clear the id data to clear the form
            $user_name = "";
            $image_name = "";

            mysqli_close($dbc);
          }
          else {
            echo '<p class="error">Sorry, there was a problem uploading your screen shot image.</p>';
          }
        }
      }
      else {
        echo '<p class="error">The screen shot must be a GIF, JPEG, or PNG image file no greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.</p>';
      }

      // Try to delete the temporary screen shot image file
      @unlink($_FILES['image_name']['tmp_name']);
    }
    else {
      echo '<p class="error">Must agree with and check copyright box.</p>';        
    }

} else {
      echo '<p class="error">Password Incorrect</p>';    
    }
} else {
   //   echo 'Pass' . $password . ' 1';
    //  echo 'User pass' . $user_password . ' 2';
   //   echo 'Checkbox' . $agree . ' 3';
  //    echo 'Username' . $user_name . ' 3';
      echo '<p class="error">Please enter all of the information to add your image.</p>';
    }
  }
//  mysqli_close($dbc);
?>

<table border="1" cellspacing = "20">
<tr><td width = 960px><h2>Submit an Image</h2></td></tr>
</table>


<table border="1" cellspacing = "20">
  <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

<tr><td width = "300">    
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo GW_MAXFILESIZE; ?>" />
<label for="image_name">Image:</label></td>
<td><input type="file" id="image_name" name="image_name" />
</td></tr>    
    
<tr><td width = "300">
<label for="user_password">Enter Password:</label></td>
<td><input type="text" id="user_password" name="user_password" /><br />
</td></tr>

<tr><td width = "300">      
<label for="terms">This image is my own work and I own all copyrights to it.</label></td>
<td><input type="checkbox" id="agree" name="agree" value = "checked"/><br />
</td></tr>
    
<tr><td width = "300">        
<input type="submit" value="Submit Image" name="submit" />
</td></tr>   
        
  </form>
</td>
</tr>
</table>


<img src = "/IMAGES/WEBSITE/bottomBlue960.jpg">
<!-- end .contentWhite960 --></div>

<div class="footer">
<?php
  // Insert the page footer
  require_once('footer.php');
?>
<!-- end .footer --></div>

 

 

Thanks if you can help,

Craig

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.