I'm trying to make an last activity function for an website. but i can't get it to work. I hope you guys can help me out here.
this is my query:
$last_activity_query = "UPDATE users_table SET user_name = '$user_name' WHERE 'date_last_inlog' = NOW()";
$result_update = mysql_query($last_activity_query);
$last_activity_update = mysql_fetch_array($result_update);
this is an print screen of my database table:
I want to store this update in the last row.
Thanks in advance!
i've changed my script now but its still not changing anything in my database table.
this is the change:
if (isset($_REQUEST['inlog_submit'])){//checks if form is submitted
$user_name = $_REQUEST['username_input'];//request username from inlog_form
$password = $crypt;//gets enqrypted pass
//$tbl_name="user_table"; // Table name
$query = "SELECT * FROM users_table WHERE user_name= '$user_name' AND password='$password'";//query stored in var
$last_activity_query = "UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
$result = mysql_query($query);//var with result of query
$result_update = mysql_query($last_activity_query);
if ($user_name = mysql_fetch_array($result)){//checks inlog data from form with the $result query
$_SESSION['user_name'] = $user_name[user_name];//creates session with username
$_SESSION['password'] = $password[password];//creates session with password
$last_activity_update = mysql_fetch_array($result_update);
header ('Location: admin.php');//when login is correct redirect to specified page
}else{
$error_inlog = 10;//when inlog data is incorrect this error will show
}
}
?>
Your SQL query is in the wrong order.
$last_activity_query = "UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
Your logic is incorrect. Use this:-
"UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
You are using this :-
UPDATE users_table SET user_name = '$user_name' WHERE 'date_last_inlog' = NOW()
You are trying to update user_name column where the date_last_inlog column value is equal to the current time which is logically incorrect.
Related
I need help with update my column in database. I use InnoDB, probably problem is here
$sql_update_heslo = "UPDATE users SET u_password = $_noveHeslo WHERE u_name = '$_SESSION[username]'";
first I am checking if Button was clicke. If yes, then I am checking if there is only 1 user with this name who is logged in, then I am checking if MD5 password from the database is same as user input, if yes then update password based on the user entry.
if (isset($_POST['pass_aktualizovat'])) {
$_old_password = md5($_POST['o_pass']);
$sql_search_for_all_userss = "SELECT * FROM users WHERE u_name = '$_SESSION[username]' ";
$result = mysqli_query($connect_to_db, $sql_search_for_all_userss);
// ak sa najde jedna zhoda v databazy
if ($db_data = mysqli_num_rows($result) == 1) {
while (mysqli_fetch_assoc($result)) {
$_aktualneHeslo = $db_data['u_password'];
}
if (md5($_POST['o_pass'])==$_aktualneHeslo) {
$_noveHeslo = md5($_POST['n_pass']);
$sql_update_heslo = "UPDATE users SET u_password = '$_noveHeslo' WHERE u_name = '".$_SESSION['username']."'";
mysqli_query($connect_to_db, $sql_update_heslo);
echo "treti";
}
echo "druhy";
}
echo "prvy";
}
?>
I want to select the highest value in a table:
$max = "SELECT MAX(pid) FROM pic";
Then pass that value into a PHP variable:
$results_max = $conn->query($max);
$highest_val = $results_max->fetch_assoc();
To then use again in a SQL insert statement:
$sql_update = "UPDATE users
SET username = '$username', pid = '$highest_val'
WHERE username = '$username'";
However i tested out the value i got from my first select statement ($highest_val) and it returns "Array". Does anyone know what I am doing wrong?
Edit:
$sql_update = "UPDATE users
SET username = '$username', pic_id = '$highest_val[pid]'
WHERE username = '$username'" ;
You need to create alias of MAX(pid);
$max = "SELECT MAX(pid) as pid FROM pic";
Now you fetch max pid using
$results_max = $conn->query($max);
$highest = $results_max->fetch_assoc();
$highest_val =$highest['pid'];// pass column name here
And your Update query would be
$sql_update = "UPDATE users
SET username = '".$username."', pid = '".$highest_val."'
WHERE username = '".$username."'";
Hi i'm just wondering if this is possible
$pass_esc = mysql_real_escape_string($pass);
$user_esc = mysql_real_escape_string($user);
$query = "UPDATE users SET user_password = PASSWORD('$pass_esc') WHERE user_name = '$user_esc'";
I don't know if its just me or it is really not possible because everytime i use this i get an error and if i use this
$pass_esc = $pass;
$user_esc = $user;
$query = "UPDATE users SET user_password = PASSWORD('$pass') WHERE user_name = '$user_esc'";
it's fine on my end.
You forgot to put $.
Old query.
$query = "UPDATE users SET user_password = PASSWORD('$pass_esc') WHERE user_name = 'user_esc'";
New query:
$query = "UPDATE users SET user_password = PASSWORD('$pass_esc') WHERE user_name = '$user_esc'";
I have the following code: its purpose is very clear => at login update db with +1 logins for totallogins and record the time of the very last login. The only downside is that it wont work.
<?php
date_default_timezone_set('Europe/Amsterdam');
if (isset($_POST['formsubmitted'])) {
$Timesloggedin = "SELECT * FROM members.Timesloggedin WHERE Email='$email'";
$time = date("Y-m-d H:i:s");
$query1 = "UPDATE members SET Timesloggedin = $Timesloggedin + 1, Lastloggedin = $time WHERE Email ='$email'";
$result_insert_loggedins = mysql_query($query1);
if (!$result_insert_loggedins) {
echo 'Query failed';
}
if (mysql_affected_rows($dbc) == 1)
{
//If the Insert Query was successfull.
}
?>
$query1 = "UPDATE members SET Timesloggedin = Timesloggedin + 1, Lastloggedin = '$time' WHERE Email ='$email'";
Remember that $time is a string and needs the quotes. Also, $Timesloggedin would be an object (if you actually ran the query which you don't) so just remove the $ and it will just increment the field.
Also, you don't even need the first query. Nor do you need the date calculation. Just use mysql's NOW()...
$query1 = "UPDATE members SET Timesloggedin = Timesloggedin + 1, Lastloggedin = NOW() WHERE Email ='$email'";
you can just use
Timesloggedin = Timesloggedin + 1
Instead of the variable.
The function is supposed to update the values in the database.
Here is the code:
//Functions
//Function to Update users networth
function update_net($name)
{
//Get worth & balance at the time
$sql_to_get_worth_balance = "SELECT * FROM user WHERE username = '$name'";
$sql_query = mysql_query($sql_to_get_worth_balance);
while ($rows = mysql_fetch_assoc($sql_query))
{
$worth = $rows['worth'];
$balance_ = $rows['cash_balance'];
}
//Get net_worth now
$new_net_worth = $worth + $balance;
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_worth);
}
It is used here:
//Get username
$username = $_SESSION['username'];
if (isset($username))
{
//Update networth
$update_worth = update_net($username);
You probably want a WHERE clause on the end of this query:-
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
e.g.
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth' WHERE username = '$name';
You're forgetting the where name=$name part in the update query (which will update the entire table!)
I hope your $name can never hold user entered data because your sql is vulnarable to injection.
Maybe:
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_worth);
Should Read:
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_for_new_worth);
May be you should commit transaction?