Registered people can't login.

Awestruck

Several people are registered in the database and I can see their details in the table using phpmyadmin.
Unfortunately, when trying to login, this message is displayed:

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\login\login.php on line 50

Password/e-mail entered does not match our records.
Perhaps you need to register, just click the Register button on the header menu

Warning: mysqli_free_result() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\login\login.php on line 77

The relevant section of the code for the login page is given below:

<?php 
// This section processes submissions from the login form
// Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    //connect to database
try {
    require ('mysqli_connect.php');
    // Validate the email address
    if (!empty($_POST['email'])) {
        $e = mysqli_real_escape_string($dbcon, $_POST['email']);
    } else {
    $e = FALSE;
        echo '<p class="error">You forgot to enter your email address.</p>';
    }
    // Validate the password
    if (!empty($_POST['psword'])) {
            $p = mysqli_real_escape_string($dbcon, $_POST['psword']);
    } else {
    $p = FALSE;
        echo '<p class="error">You forgot to enter your password.</p>';
    }
    if ($e && $p){//if no problems
// Retrieve the user_id, psword, first_name and user_level for that
// email/password combination
$q = 'SELECT user_id, psword, fname, user_level FROM users WHERE email="$e"';

// Run the query and assign it to the variable $result
$result = mysqli_query ($dbcon, $q);
// Count the number of rows that match the email/password combination
//echo mysqli_num_rows($result);
if (mysqli_num_rows($result) == 1) { [B]//line 50[/B]
//if one database row (record) matches the input:-
// Start the session, fetch the record and insert the 
// values in an array 
$row = mysqli_fetch_array($result, MYSQLI_NUM);
if (password_verify($p, $row[1])) {
session_start();									
// Ensure that the user level is an integer. 
$_SESSION['user_level'] = (int) $row[3];
// Use a ternary operation to set the URL
$url = ($_SESSION['user_level'] === 1) ? 'admin-page.php' :
 'members-page.php'; 
header('Location: ' . $url); 
// Make the browser load either the members or the admin page
} else { // No password match was made.
echo '<p class="error">Password/e-mail entered does not match our records.';
echo '<br>Perhaps you need to register, just click the Register;
echo button on the header menu</p>';
}
} else { // No e-mail match was made.
echo '<p class="error">Password/e-mail entered does not match our records.';
echo '<br>Perhaps you need to register, just click the Register ';
echo 'button on the header menu</p>';
}
} else { // If there was a problem.
echo '<p class="error">Please try again.</p>';
}
mysqli_free_result($result);[B]//Line 77[/B]
mysqli_close($dbcon);
} catch(Exception $e)
{
print  "An Exception occurred. Message: " . $e->getMessage();
}
catch(Error $e)
{
print  "An Error occurred. Message: " . $e->getMessage();
}	
} // no else to allow user to enter values
?>

Weedpacket

Start with reading the error message.

Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\login\login.php on line 50

So look at the result that you're trying to use on line 50. It's failing to be created properly, so look at where it's being created. Something is wrong with that. (If the database is rejecting a query, [man]mysqli_error[/man] can provide its description why.)

NogDog

This is not going to work as desired:

$q = 'SELECT user_id, psword, fname, user_level FROM users WHERE email="$e"';

Variables are not interpolated within single-quoted string literals in PHP.

Awestruck

Many thanks Weedpacket and NogDog for your prompt replies.

I realise that the error messages mean that the result that is returned is FALSE, but as a newbie to PHP 7 and MariaDB 10 I am unable to see why.
I searched the links given for mysqli-error but I don't know where to insert that error checking function.

I changed the $q line as recommended by NogDog to the following but it had no effect on the errors:

$q = "SELECT user_id, psword, fname, user_level FROM users WHERE email='$e'";

NogDog

So what you can do is see if it worked, and if not, get MySQL (MariaD😎 to tell you why not:

$result = mysqli_query ($dbcon, $q); 
if($result == false) {
    throw new Exception(mysqli_error($dbcon)."\n$q");
}

Depending on how you are handling exceptions, this could potentially throw a lot of DB info on the screen, so you might need to adjust the exception-handling code to avoid that before going live with it. 🙂

Awestruck

Many thanks NogDog

That error code you provided found the problem for me.

And of course there is yet one more error that I am chasing up, but I think I can solve that.

Best wishes
Awestruck