Receiving mysqli parameter warnings?

Question

I'm a beginner at PHP and I'm attempting to create a register, login form. There's a problem I've been trying to solve for a few days and I'm not sure where I went wrong, I'm hoping I can find the solution to it and understand what I did wrong.

My errors:

Warning: mysqli_query() expects at least 2 parameters, 1 given in /registration.php on line 64

Warning: mysql_num_rows() expects parameter 1 to be resource, null given in /registration.php on line 66

Warning: mysqli_query() expects at least 2 parameters, 1 given in /registration.php on line 73

PHP:

<?php
$connection = mysqli_connect("mysql.hostname.com","user998988","9858588");
mysqli_select_db($connection,"user9898989");

   if(isset($_POST['signup'])) {

    $user_name = $_POST['name'];
    $user_pass = $_POST['pass'];
    $user_email = $_POST['email'];

   if($user_name==''){
   echo "<script>alert('Please enter your name!')</script>";
   exit();
   }

   if($user_pass==''){
   echo "<script>alert('Please enter your password!')</script>";
   exit();
   }

   if($user_email==''){
   echo "<script>alert('Please enter your email!')</script>";
   exit();
   }

   $check_email = "select * from users where user_email='$user_email'";

   $run = mysqli_query($check_email);

   if(mysql_num_rows($run)>0) {

   echo "<script>alert('Email $user_email already exists')</script>";
   exit();
   }

   $querying = "insert into users (user_name,user_pass,user_email) values ('$user_name','$user_pass','$user_email')";
   if(mysqli_query($querying)) {

   echo  "<script>alert('Registration successful!')</script>";
}

}
?>

The error message is pretty clear what is wrong I would say... — PeeHaa, Sep 27 '14 at 10:07
You're mixing `mysql_*()` and `mysqli_*()`. They're different and you can't mix them. Don't use `mysql_*()` - it's deprecated. Beyond that, the message tells you everything you need to know. — , Sep 27 '14 at 10:09
I'd like to apologize for my idiotic question and thank everyone for pointing out my flaws. — user3649195, Sep 27 '14 at 10:38

score 0 · Answer 1 · answered Sep 27 '14 at 10:17

$check_email = "select * from users where user_email='$user_email'";

   $run = mysqli_query($check_email);

   if(mysql_num_rows($run)>0)

Change above line to this

$check_email = "select * from users where user_email='$user_email'";

   $run = mysqli_query($connection,$check_email);

   if(mysql_num_rows($run)>0)

and remove this line

mysqli_select_db($connection,"user9898989");

score 0 · Accepted Answer · answered Sep 27 '14 at 10:18

If you have read the comments above, they are correct:

You need to pass the connection on the first parameter of mysqli_query:

$run = mysqli_query($connection, $check_email);

Then after that, don't mix up API, you're using mysqli, then use the appropriate function:

if(mysqli_num_rows($run) > 0) {

And lastly, always try to use prepared statments, you're using mysqli anyways:

$stmt = $connection->prepare('INSERT INTO users (user_name,user_pass,user_email) VALUES(?, ?, ?) ');
$stmt->bind_param('sss', $user_name, $user_pass, $user_email);
$stmt->execute();

And I suggest don't insert plain naked password in DB. Use the password hashing of PHP.

Receiving mysqli parameter warnings?

2 Answers2