hi

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
reecec
Forum Contributor
Posts: 218
Joined: Sun Apr 02, 2006 7:12 am

hi

Post by reecec »

Hi my mysql query wont work i added an if command to see if it would tell me if it doesnt work and i did get the else which shows it was a problem with my last query for the log if i take it out it will work fine i get no new rows to my log

please could someone see if theres an problem

Code: Select all

<?php 
$server = "localhost";
$dbuser = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbpass = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbname = "****DONT SHOW US YOUR LOGIN INFO SILLY****";

// Connect to the database
mysql_connect($server,$dbuser,$dbpass) or die ("Could not establish connection"); // make connection
mysql_select_db($dbname); // select database



// convert posted info to easy to use variables
$user = $_REQUEST['username'];
$pass = $_REQUEST['password'];


// strip away any dangerous tags
$user=strip_tags($user);
$pass=strip_tags($pass);


// remove spaces from variables
$user=str_replace(" ","",$user);
$pass=str_replace(" ","",$pass);


// remove escaped spaces
$user=str_replace("%20","",$user);
$pass=str_replace("%20","",$pass);

// add slashes to stop hacking
$user=addslashes($user);
$pass=addslashes($pass);

// hash users password for security (32 chars random - md5)
$pass=md5($pass);


// search database to check for user
$request = "SELECT * FROM registered_members WHERE password='".$pass."' AND name='".$user."'";

// hand over the request
$results = mysql_query($request);


// if mysql returns any number of rows great than 0 then there is a succesful login
if(mysql_num_rows($results))


{
// get users id
$getid = "SELECT * FROM registered_members WHERE name ='".$user."' LIMIT 1";
$getidexec = mysql_query($getid);
while($r=mysql_fetch_array($getidexec))
$userid = $r[userid];
}
if ($getidexec) {

//sets date and time variables
$viewer = $HTTP_USER_AGENT;
$last = gmdate("Y-m-d");
$time = gmdate("H:i", time() + $zone);

//build and issue the query
$sql2="INSERT INTO log_login (user, last, time, IP)VALUES('$user', '$last', '$time', '$REMOTE_ADDR')";
$result2=mysql_query($sql2);
} 
if ($result2) {
// set a cookie
setcookie( "id", "$id", time()+3600, "/", "", 0 );
setcookie( "user", "$user", time()+7200, "/", "", 0 );
echo "Welcome, $user you loged in succesfully.<br><br><a href="test.php?username=$user">Continue...</a>";

}
else // only happens if not a succesful username and password match
{
// login failed so display error message and kill script
die("Username and passwords do not match our records<br><br><a href="loginform.htm">Click to retry ?");
}
?>
thanks reece
[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

okay, seriously, choose better thread subjects. "hi" doesn't say crap about anything... and there's this little thing:
[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

Its also a second post for the same issue: viewtopic.php?t=49092
User avatar
hawleyjr
BeerMod
Posts: 2170
Joined: Tue Jan 13, 2004 4:58 pm
Location: Jax FL & Spokane WA USA

Post by hawleyjr »

Do not double post....Locked
User avatar
hawleyjr
BeerMod
Posts: 2170
Joined: Tue Jan 13, 2004 4:58 pm
Location: Jax FL & Spokane WA USA

Post by hawleyjr »

Per Your Request topic unlocked.

Also, you may want to check into datetime functions in mysql.

Code: Select all

//sets date and time variables
$last = gmdate("Y-m-d");
$time = gmdate("H:i", time() + $zone);

//build and issue the query
$sql ="INSERT INTO log_login VALUES
        ('$user', '$last', '$time', '$REMOTE_ADDR')";
$result2 = @mysql_query($sql);
reecec
Forum Contributor
Posts: 218
Joined: Sun Apr 02, 2006 7:12 am

unlocked

Post by reecec »

thanks for unlocking topic


so you mean it may have an error with my $last and $time

so that could be why it wont insert into the database


thanks reece
reecec
Forum Contributor
Posts: 218
Joined: Sun Apr 02, 2006 7:12 am

sorry

Post by reecec »

dont worry


i put the wrong table name



thanks reece
Post Reply