hi
Posted: Sat May 27, 2006 9:01 am
Hi my mysql query wont work i added an if command to see if it would tell me if it doesnt work and i did get the else which shows it was a problem with my last query for the log if i take it out it will work fine i get no new rows to my log
please could someone see if theres an problem
thanks reece
please could someone see if theres an problem
Code: Select all
<?php
$server = "localhost";
$dbuser = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbpass = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbname = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
// Connect to the database
mysql_connect($server,$dbuser,$dbpass) or die ("Could not establish connection"); // make connection
mysql_select_db($dbname); // select database
// convert posted info to easy to use variables
$user = $_REQUEST['username'];
$pass = $_REQUEST['password'];
// strip away any dangerous tags
$user=strip_tags($user);
$pass=strip_tags($pass);
// remove spaces from variables
$user=str_replace(" ","",$user);
$pass=str_replace(" ","",$pass);
// remove escaped spaces
$user=str_replace("%20","",$user);
$pass=str_replace("%20","",$pass);
// add slashes to stop hacking
$user=addslashes($user);
$pass=addslashes($pass);
// hash users password for security (32 chars random - md5)
$pass=md5($pass);
// search database to check for user
$request = "SELECT * FROM registered_members WHERE password='".$pass."' AND name='".$user."'";
// hand over the request
$results = mysql_query($request);
// if mysql returns any number of rows great than 0 then there is a succesful login
if(mysql_num_rows($results))
{
// get users id
$getid = "SELECT * FROM registered_members WHERE name ='".$user."' LIMIT 1";
$getidexec = mysql_query($getid);
while($r=mysql_fetch_array($getidexec))
$userid = $r[userid];
}
if ($getidexec) {
//sets date and time variables
$viewer = $HTTP_USER_AGENT;
$last = gmdate("Y-m-d");
$time = gmdate("H:i", time() + $zone);
//build and issue the query
$sql2="INSERT INTO log_login (user, last, time, IP)VALUES('$user', '$last', '$time', '$REMOTE_ADDR')";
$result2=mysql_query($sql2);
}
if ($result2) {
// set a cookie
setcookie( "id", "$id", time()+3600, "/", "", 0 );
setcookie( "user", "$user", time()+7200, "/", "", 0 );
echo "Welcome, $user you loged in succesfully.<br><br><a href="test.php?username=$user">Continue...</a>";
}
else // only happens if not a succesful username and password match
{
// login failed so display error message and kill script
die("Username and passwords do not match our records<br><br><a href="loginform.htm">Click to retry ?");
}
?>[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.