Page 1 of 1

hi

Posted: Sat May 27, 2006 9:01 am
by reecec
Hi my mysql query wont work i added an if command to see if it would tell me if it doesnt work and i did get the else which shows it was a problem with my last query for the log if i take it out it will work fine i get no new rows to my log

please could someone see if theres an problem

Code: Select all

<?php 
$server = "localhost";
$dbuser = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbpass = "****DONT SHOW US YOUR LOGIN INFO SILLY****";
$dbname = "****DONT SHOW US YOUR LOGIN INFO SILLY****";

// Connect to the database
mysql_connect($server,$dbuser,$dbpass) or die ("Could not establish connection"); // make connection
mysql_select_db($dbname); // select database



// convert posted info to easy to use variables
$user = $_REQUEST['username'];
$pass = $_REQUEST['password'];


// strip away any dangerous tags
$user=strip_tags($user);
$pass=strip_tags($pass);


// remove spaces from variables
$user=str_replace(" ","",$user);
$pass=str_replace(" ","",$pass);


// remove escaped spaces
$user=str_replace("%20","",$user);
$pass=str_replace("%20","",$pass);

// add slashes to stop hacking
$user=addslashes($user);
$pass=addslashes($pass);

// hash users password for security (32 chars random - md5)
$pass=md5($pass);


// search database to check for user
$request = "SELECT * FROM registered_members WHERE password='".$pass."' AND name='".$user."'";

// hand over the request
$results = mysql_query($request);


// if mysql returns any number of rows great than 0 then there is a succesful login
if(mysql_num_rows($results))


{
// get users id
$getid = "SELECT * FROM registered_members WHERE name ='".$user."' LIMIT 1";
$getidexec = mysql_query($getid);
while($r=mysql_fetch_array($getidexec))
$userid = $r[userid];
}
if ($getidexec) {

//sets date and time variables
$viewer = $HTTP_USER_AGENT;
$last = gmdate("Y-m-d");
$time = gmdate("H:i", time() + $zone);

//build and issue the query
$sql2="INSERT INTO log_login (user, last, time, IP)VALUES('$user', '$last', '$time', '$REMOTE_ADDR')";
$result2=mysql_query($sql2);
} 
if ($result2) {
// set a cookie
setcookie( "id", "$id", time()+3600, "/", "", 0 );
setcookie( "user", "$user", time()+7200, "/", "", 0 );
echo "Welcome, $user you loged in succesfully.<br><br><a href="test.php?username=$user">Continue...</a>";

}
else // only happens if not a succesful username and password match
{
// login failed so display error message and kill script
die("Username and passwords do not match our records<br><br><a href="loginform.htm">Click to retry ?");
}
?>
thanks reece
[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.

Posted: Sat May 27, 2006 9:24 am
by feyd
okay, seriously, choose better thread subjects. "hi" doesn't say crap about anything... and there's this little thing:
[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.

Posted: Sat May 27, 2006 10:01 am
by Roja
Its also a second post for the same issue: viewtopic.php?t=49092

Posted: Sat May 27, 2006 10:12 am
by hawleyjr
Do not double post....Locked

Posted: Sat May 27, 2006 12:05 pm
by hawleyjr
Per Your Request topic unlocked.

Also, you may want to check into datetime functions in mysql.

Code: Select all

//sets date and time variables
$last = gmdate("Y-m-d");
$time = gmdate("H:i", time() + $zone);

//build and issue the query
$sql ="INSERT INTO log_login VALUES
        ('$user', '$last', '$time', '$REMOTE_ADDR')";
$result2 = @mysql_query($sql);

unlocked

Posted: Sat May 27, 2006 12:08 pm
by reecec
thanks for unlocking topic


so you mean it may have an error with my $last and $time

so that could be why it wont insert into the database


thanks reece

sorry

Posted: Sat May 27, 2006 12:58 pm
by reecec
dont worry


i put the wrong table name



thanks reece