Timestamps... Can't Seem to get it to work.....
-
Okay, I tried using W3Schools to "UPDATE" a timestamp, upon logging in, here is my code:
$sql = mysql_query('UPDATE `DBNAME`.`TABLENAME` SET `lastactive` = NOW() WHERE `TABLENAME`.`username` = $username ;');
Here is the login code:
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim(md5($_POST['password']));
if($username == NULL OR $password == NULL){
$final_report.="Please complete all the fields below..";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="The username that you submitted does not exist..";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";That is the code above the timestamp issue. The page loads and everything, it just doesn't update it into the database... Please Help. Thanks!
-
Okay, I tried using W3Schools to "UPDATE" a timestamp, upon logging in, here is my code:
$sql = mysql_query('UPDATE `DBNAME`.`TABLENAME` SET `lastactive` = NOW() WHERE `TABLENAME`.`username` = $username ;');
Here is the login code:
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim(md5($_POST['password']));
if($username == NULL OR $password == NULL){
$final_report.="Please complete all the fields below..";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="The username that you submitted does not exist..";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";That is the code above the timestamp issue. The page loads and everything, it just doesn't update it into the database... Please Help. Thanks!
The user name will be a text string, so you need to enclose it in quotes:
$sql = mysql_query("UPDATE members SET lastactive=NOW() WHERE username='$username'");
I've also replaced the DBNAME and TABLENAME with the actual name of your table, and replaced the single quotes around the SQL string with double quotes so that
$usernamewill be expanded. Also, instead of:$password = trim(md5($_POST['password']));
you probably want:
$password = md5(trim($_POST['password']));
- an MD5 hash won't have any spaces in it, but the password you pass to it might.
-
Okay, I tried using W3Schools to "UPDATE" a timestamp, upon logging in, here is my code:
$sql = mysql_query('UPDATE `DBNAME`.`TABLENAME` SET `lastactive` = NOW() WHERE `TABLENAME`.`username` = $username ;');
Here is the login code:
if(isset($_POST['login'])){
$username= trim($_POST['username']);
$password = trim(md5($_POST['password']));
if($username == NULL OR $password == NULL){
$final_report.="Please complete all the fields below..";
}else{
$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
if(mysql_num_rows($check_user_data) == 0){
$final_report.="The username that you submitted does not exist..";
}else{
$get_user_data = mysql_fetch_array($check_user_data);
if($get_user_data['password'] == $password){
$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";That is the code above the timestamp issue. The page loads and everything, it just doesn't update it into the database... Please Help. Thanks!
You are still not sanitizing your data inputs, to protect you from SQL Injection Attacks[^]. Use: mysql_real_escape_string[^]
thebiostyle wrote:
"".$get_user_data['username'].""
That does nothing useful. You don't need the empty strings either side, they do nothing, just have the variable.
thebiostyle wrote:
$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";
Are you sure you want to keep the hashed password as a session variable?
If at first you don't succeed, you're not Chuck Norris.