Question posted in 
Can someone please explain to me why I keep getting the following error when I use the mysqli_num_rows() function?
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator to inform of the time the error occurred and of anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Here is my php script:
<?php
//stores user input as variable
$username = $_POST['username'];
$password = $_POST['password'];
//selects from users table
$sql = "SELECT * FROM Members WHERE username='$username' and password='$password'";
$results = mysqli_query($con,$sql);
$count = mysqli_num_rows($results);
/*//starts session and sets cookie if count is true
if($count>=1)
{
session_start();
$_SESSION['username'] = ' ';
$_SESSION['password'] = ' ';
header("location: index.html");
}
//returns message if user input does not match database
else
{
echo "Invalid username or password";
}*/
?>
I get this error at the mysqli_num_rows() function everything before it works fine. I am using Plesk on a Godaddy server by the way.
3
Answers
How to get mysqli error in different environments? for the first
and How can I prevent SQL injection in PHP? for the second
just fetch your data and use it as a flag for the last
As far as I can see there is no function as
mysqli_num_rows().Is the $con variable declared elsewhere? I don’t see it being declared. Also, you are subject to injection attacks with this current code. Make sure you escape your parameters before using this publicly.