I have a simple query which updates the last time a user logs in. For some reason, it is not updating the data when a user logs in. I would be grateful if someone could point out my error. Thanks
<?php
session_start();
$message="";
if(count($_POST)>0) {
$username_usr = $_POST["user_name"];
$password_usr = md5($_POST['password']);
$conn = mysql_connect("localhost","root","");
mysql_select_db("logistor_logistor",$conn);
$result = mysql_query("SELECT * FROM user_usr WHERE username_usr='" . $username_usr . "' and password_usr = '". $password_usr ."'");
$row = mysql_fetch_array($result);
if(is_array($row)) {
$_SESSION["username"] = $row[username_usr];
$_SESSION["password"] = $row[password_usr];
$_SESSION["S_name"] = $row[name_usr];
} else {
$message = "Invalid Username or Password!";
}
}
if(isset($_SESSION["username"])) {
$query = "UPDATE user_usr SET logincounter_usr = logincounter_usr+1, lastlogin_usr = NOW() WHERE username_usr = '". $_SESSION["username"] ."'";
header("Location:user_dashboard.php");
}
?>
you miss execute the query in update
$query = "UPDATE user_usr SET logincounter_usr = logincounter_usr+1, lastlogin_usr = NOW() WHERE username_usr = '". $_SESSION["username"] ."'";
$result = mysql_query($query);
Related
Can someone help me put this code in order? it keeps on loading the login.html page even though the login is correct.
I actually wanted to create a user dashboard that has user details displayed on the dashboard.php so I used the page for authenticating users and also showing users details
<?php
if (isset($_POST['search']))
{
$email = $_POST['email'];
$password = $_POST['password'];
$con = mysqli_connect('localhost', 'root', '', 'userregistration');
$query = "select * from usertable where `email` ='" . $email . "' AND `password`='" . $password . "' ";
$result = mysqli_query($con, $query);
if (mysqli_num_rows($result) > 0)
{
while ($row = mysqli_fetch_array($result))
{
$name = $row['name'];
$balance = $row['balance'];
$acc_level = $row['acc_level'];
$invested = $row['invested'];
$Btc_balance = $row['Btc_balance'];
}
}
else
{
header('location:../login.html');
else
}
mysqli_free_result($result);
mysqli_close($con);
}
?>
I am building a login system and i want to add a functionality of deleting the account. I created my code but it doesn't work.
require_once '../db.php';
session_start();
session_regenerate_id();
if (isset($_POST['delete'])) {
$username = mysqli_real_escape_string($connection, $_SESSION['username']);
$password = mysqli_real_escape_string($connection, $_SESSION['password']);
$result = $connection->query("DELETE FROM users WHERE username = '$username'");
$delete = mysqli_query($connection,$result);
if (!$delete) {
echo "Data Not Deleted";
} else {
echo "Data Deleted";
}
}
It is echoing Data not deleted . Any idea why it doesn't work.
Try:
$result = "DELETE FROM users WHERE username = '$username'";
$delete = mysqli_query($connection,$result);
You're running a query in the query otherwise...
Try $result = $connection->query("DELETE FROM users WHERE username = $username");
At least, with SELECT it works
I am trying to update database using form. Here is the php code
require 'connect.php';
include_once('header.php');
if (isset($_GET['id']) && is_numeric($_GET['id'])){
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
if(isset($_REQUEST['value1'])){
$value1 = $_REQUEST['value1'];
$value2 = $_REQUEST['value2'];
$value3 = $_REQUEST['value3'];
$update = mysql_query("UPDATE `table` SET `value1` = $value1, `value2` = $value2 WHERE `id` = $id");
if($update){
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
}else{
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
It is working perfectly and updating the database. But once it shows "Server updated successfully." Below, it still shows old values in form.
How do i make the page or values reload after successful update?
}
Order of operations should be
update
select
show
so you put the update part first (taking care to prevent sql injection):
require 'connect.php';
include_once('header.php');
$id = (integer) #$_GET['id'];
if (! empty($id)) {
if (isset($_REQUEST['value1'])) {
$value1 = mysql_real_escape_string($_REQUEST['value1']);
$value2 = mysql_real_escape_string($_REQUEST['value2']);
$value3 = mysql_real_escape_string($_REQUEST['value3']);
$update = mysql_query("UPDATE `table` SET `value1` = '$value1', `value2` = '$value2' WHERE `id` = $id");
if ($update) {
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
} else {
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
}
now you can do your select:
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
}
now you can show your page:
Check below code
require 'connect.php';
include_once('header.php');
if (isset($_GET['id']) && is_numeric($_GET['id'])){
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
if(isset($_REQUEST['value1'])){
$value1 = $_REQUEST['value1'];
$value2 = $_REQUEST['value2'];
$value3 = $_REQUEST['value3'];
$update = mysql_query("UPDATE `table` SET `value1` = $value1, `value2` = $value2 WHERE `id` = $id");
if($update){
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
}else{
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
When a user signs in i want to echo back there ID (which is created because of the auto_increment in phpMyAdmin) from there account, here's my login.PHP:
<?php
$conn = mysqli_connect("xxxxxx", "xxxxx", "xxxx", "BuyerAccounts");
$Email = $_POST["Email"];
$Password = $_POST["Password"];
$sql_query = "select Buyer_Email from user_info where Buyer_Email like '$Email' and Buyer_Password like '$Password';";
$result = mysqli_query($conn, $sql_query);
if(mysqli_num_rows($result) > 0 ){
$row = mysqli_fetch_assoc($result);
$name = $row["Buyer_Email"];
echo "Welcome: Buyer";
}else{
$int = 1;
//echo "Buyer login failed...";
}
}else{
echo "Login failed...";
}
}
mysqli_stmt_close($statement);
mysqli_close($conn);
?>
Add the column name id in your sql query.let say your column name for id is ID
$sql_query = "select ID,Buyer_Email from user_info where Buyer_Email like '$Email' and Buyer_Password like '$Password';";
$result = mysqli_query($conn, $sql_query);
if(mysqli_num_rows($result) > 0 ){
$row = mysqli_fetch_assoc($result);
$name = $row["Buyer_Email"];
$user_id = $row['ID'];
echo $user_id;
echo "Welcome: Buyer";
}
Since your making login in php its good choice to use $_SESSION.
All you need to do is add a session_start(); at the top of any php script where you need to use session.
<?php
session_start();
$conn = mysqli_connect("xxxxxx", "xxxxx", "xxxx", "BuyerAccounts");
$Email = $_POST["Email"];
$Password = $_POST["Password"];
$sql_query = "select ID,Buyer_Email from user_info where Buyer_Email like '$Email' and Buyer_Password like '$Password';";
$result = mysqli_query($conn, $sql_query);
if(mysqli_num_rows($result) > 0 ){
$row = mysqli_fetch_assoc($result);
$name = $row["Buyer_Email"];
$user_id = $row['ID'];
//using session
$_SESSION["user_id"] = $user_id;
echo $user_id;
echo "Welcome: Buyer";
}
Now you can access anywhere in your php script using the $_SESSION variable.
echo $_SESSION["user_id"] ;
Let's start from the beginning. You create a login form, you store sessions based on the values:
login.php
session_start();
$_SESSION["username"] = $username;
main.page
$username = $_SESSION["username"];
echo "Hi $username";
EDIT 2
Ok, so you want to check if username exists and then echo their ID. Regardless, almost all login systems have sessions.
After logging in, let's say you have a $_SESSION of id.
php
session_start();
$id = $_SESSION["id"];
$db = mysqli_connect("xxxxxx", "xxxxx", "xxxx", "BuyerAccounts");
$check = $db->query("SELECT * FROM users WHERE id='$id'");
$num_check = $check->num_rows;
$fetch_check = $check->fetch_object();
$id2 = $fetch_check->id;
if($num_check) {
// User Exists
echo $id2;
} else {
echo "You don't exist."
}
Please note, normally, I would just echo $id. However, the OP requested to echo the id from the db, so I echoed $id2.
I think I have an error uon the usertype 3 cause it always go to the notification and if I change both notification and plsvote.php it will just refresh so please help me what to do
if (isset($_POST['login'])){
$idno = $_POST['idno'];
$password = $_POST['password'];
$position = $_POST['user_type'];
$sql1 = "SELECT * FROM users WHERE idno = '$idno' AND password = '$password'";
$result = mysql_query($sql1) or die();
$row = mysql_fetch_array($result);
$num_row = mysql_num_rows($result);
//if the user is admin
if ($row['user_type'] == "1"){
mysql_query("insert into user_log (idno,login_date) values('$username',NOW())")or die(mysql_error());
$YearNow=Date('Y');
header('location:admin/index.php');
}
//if the user is student
else if ($row['user_type'] == "3") {
$sql_c = "SELECT * FROM users,studentvotes,school_year = users.idno = studentvotes.idno AND studentvotes.syearid =school_year.syearid AND school_year.from_year like $YearNow ";
$result1 = mysql_query($sql_c) or die(mysql_error());
while($row2=mysql_fetch_array($result1)){
$_SESSION['SESS_COURSE'] = $row2['progid'];
$_SESSION['SESS_MEMBER_ID'] = $idno;
//$query = mysql_query ("INSERT INTO user_log VALUES('$idno',NOW(), 'Login') ") or die(mysql_error());
header('location:plsvote.php');
}
}
else{
header('location:notification.php');
exit();
}
}