Last Problem on my Website

[tworatz]

CAN SOMEONE PLEASE TELL ME HOW TO FIX THIS ERROR
Warning: mssql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\register.php on line 39

I fix that problem but have another problem when i register its succesfull and i check the account_tbl the user name and password was registered but cant log in on the game and i noticed that all account created on my website have the same password

(bc61e715a2b42fb814ffe9a3d27f28ed)

here is my registration php>>>>>>>>>>>>>>>>>>>

<?php

#############################
##Copyright (c) TheJacob#####
##All Rights Reserved########
##thejacobpollack@gmail.com##
#############################

#############################
#############################

##Configuration##
$mssql_server = "RENE-DUAL\SQLEXPRESS"; //MSSQL name
$mssql_username = "sa"; //MSSQL username
$mssql_password = "sophia"; //MSSQL password
$mssql_account_db = "ACCOUNT_DBF"; //MSSQL account database name
$mssql_account_table = "ACCOUNT_TBL"; //MSSQL account table name
$mssql_username_column = "sa"; //MSSQL username column in account table
$mssql_password_column = "sophia"; //MSSQL password column in account table
$hash = "serus"; //Hash code
$random_text_text = "e=mc2"; //Random text they must enter to register

#############################
#############################

##Configuration Settings Check##
if (($mssql_server == "") || ($mssql_username == "") || ($mssql_password == "") || ($mssql_account_db == "") || ($mssql_account_table == "") || ($mssql_username_column == "") || ($mssql_password_column == "") || ($hash == "") || ($random_text_text == "")) {
die ("<strong>Please fill in all the configuration settings! For your own security and the functionality of the script, you cannot leave them blank.</strong>");
}

##Connect##
$mssql_connect = mssql_connect($mssql_server, $mssql_username, $mssql_password) or die ("<strong>Cannot connect to the MSSQL Database.</strong>");
$mssql_select = mssql_select_db($mssql_account_db) or die ("<strong>Cannot select the MSSQL Database.</strong>");

##Function##
function doesUsernameExist($username){
$exit = FALSE;
$result = @mssql_query("SELECT * FROM $mssql_account_table WHERE $mssql_username_column='$username'");
if (mssql_num_rows($result) != 0){
$exit = TRUE;
}
return $exit;
}

$pusername = $_POST['username']; //Post wsername
$ppassword = $_POST['password']; //Post password
$prpassword = $_POST['rpassword']; //Post re-enter password
$fpassword = md5($hash . $password); //Full/Final password
$random_text = $_POST['random_text']; //Random text

if (isset($_POST['submit']) == true) {
$username = preg_replace("/[^a-zA-Z0-9\-\_\!\$\#\@\^\&\*\(\)\^\+\ \.\?]/", "", $pusername);
$password = preg_replace("/[^a-zA-Z0-9\-\_\!\$\#\@\^\&\*\(\)\^\+\ \.\?]/", "", $ppassword);

if ((isset($_POST['submit']) == true) and (strlen($pusername) < 3) || (strlen($pusername) > 15)) {
echo "Your username must be between 3 and 15 characters in length.";
}

else if ((isset($_POST['submit']) == true) and ((strlen($ppassword) < 3) || (strlen($ppassword) > 15) || (strlen($prpassword) < 3) || (strlen($prpassword) > 15))) {
echo "The password must be between 3 and 15 characters in length.";
}

else if ((isset($_POST['submit']) == true) and ($ppassword != $prpassword)) {
echo "The passwords must be the same.";
}

else if ((isset($_POST['submit']) == true) and (($pusername == $ppassword) || ($pusername == $prpassword))) {
echo "The username and password cannot be the same.";
}

else if ((isset($_POST['submit']) == true) and ($random_text != $random_text_text)) {
echo "The random text must be filled in correctly. Please take another look at the random text.";
} else {
if ((isset($_POST['submit']) == true) and (!doesUsernameExist($username))) {
$stmt = mssql_init('createaccount', $mssql_connect);
mssql_bind($stmt, '@account', $username, SQLVARCHAR, false, false, 15);
mssql_bind($stmt, '@password', $fpassword, SQLVARCHAR, false, false, 36);
mssql_execute($stmt) or die ("<strong>Error occurred while executing the statement.</strong>");
mssql_free_statement($stmt);
echo "You've been successfully registered as <strong>" . $username . "</strong>!";
} else {
echo "The username already exists.";
}
}
}

?>

<form method ="post" action="#">
<table>

<tr>
<td><strong>Username</strong></td>
</tr>
<tr>
<td><input name="username" type="username"></td>
</tr>
<tr>
<td><strong>Password</strong></td>
</tr>
<tr>
<td><input name="password" type="password"></td>
</tr>
<tr>
<td><strong>Re-enter Password</strong></td>
</tr>
<tr>
<td><input name="rpassword" type="password"></td>
</tr>
<tr>
<td><strong>Please enter "<?php echo $random_text_text ?>" without the brackets below</strong></td>
</tr>
<tr>
<td><input name="random_text" type="text"></td>
</tr>
<tr>
<td><input name="submit" type="submit" value="Register"></td>
</tr>

</table>
</form>

THANKS IN ADVANCE

[MentaL]

[Satan]

Delete all those current accounts, and then try again. but they ALL must be deleted, double check that your MD5 is actually 'serus' aswell if you're using V14 files may be different. =]

#Edit, I think the 2nd Username/password should be

Username = account

Password = password