Kindly check it out

[nitation]

Hi,

 

What i am trying to do in below code is to update the last login date of a user. Kindly check, its not working.

 

<?php

session_start();

if (!isset ($_SESSION["afso_userid"]))

{
  header ("Location:main.php?login=missing");
}

include("connect.php");

if($log){

$sqllog=mysql_query(" SELECT  * FROM  register_account WHERE account_number='$account_number'  AND  account_key='$account_key' AND status='1' ");
$sqllog=mysql_query("UPDATE register_account  SET  lastlogin= '$lastlogin' where id='$id'");

if($sqllog){
$row=mysql_fetch_array($sqllog);
$rowid=$row["id"];
} 

$num=mysql_num_rows($sqllog);
if($num > 0){

$_SESSION["afso_userid"]=$row["id"];
   header ("Location: index.php");
}
else
{
  header ("Location: main.php?login=wrong");
}

}
?>

[Psycho]

That code doesn' make sense to me.

 

First you do a SELECT query and assign it to the variable $sqllog, then in the next line you do an INSERT queryand assign the results to the same variable. What's the point of the SELECT query? Since you immediately overwrite the pointer to the SELECT results you cannot use them.

 

In the UPDATE query where are $lastlogin and $id being set?

 

You should always add error handling to your queries:

 

<?php

$query = "SELECT * FROM  register_account WHERE account_number='$account_number'  AND  account_key='$account_key' AND status='1' ";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");
$query = "UPDATE register_account  SET  lastlogin= '$lastlogin' where id='$id'";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");

?>

[nitation]

Not updating after trying your code.

[Psycho]

I never stated my code would fix the problem. What it would do is show you if there were any errors in the query.

 

You didn't answer the previous questions though:

 

1. What is the purpose of the SELECT query since you don't use the results

2. (more importantly) Where are the values for $lastlogin and $id being set?

 

When you included the code I posted did you get any errors? If so, what were they. Assuming you didn't get any errors I would echo the query to the page so you can verify the values of $lastlogin and $id.

 

<?php

$query = "SELECT * FROM  register_account WHERE account_number='$account_number'  AND  account_key='$account_key' AND status='1' ";
echo "Query 1: $query<br>";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");
$query = "UPDATE register_account  SET  lastlogin= '$lastlogin' where id='$id'";
echo "Query 2: $query<br>";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");

?>

 

This will NOT fix anything it will only help troubleshoot the problem. When having problems such as this you should always verify that variables have the values that you expect and that processes are not failing.

[nitation]

Thanks for your reply, First of all, i use the SELECT query to retrieve the user's information from the table register_account. The below is where a user enter his/her login details

<FORM name=form1 action="login.php" method=post>
<input name="lastlogin" type="hidden" value="<? echo date("Y"); ?>">

<input name="account_number" type="text" id="account_number">
<input name="account_key" type="password" id="account_key">
<input type="submit" name="log" value="Login">

 

Should in case you wonder where login.php is, it was the first code i posted.

[DarkWater]

Yes, you use the select query to get their info, but then you're IMMEDIATELY OVERWRITING it, thereby "deleting" the MySQL resource.

[Psycho]

Exactly!

 

Well, I still don't see where $id is being set.

 

Did you run that last block of code I posted? What was printed to the page?

[nitation]

@mjdamato

 

It didn't print out any internal error. The only error it gave was a predefined error i set in my main.php. The below is what main.php contained;

 

<?
include("session.php");
include("connect.php");
include("includes/en.php");



$return=ENTER_ACCESS_CODE;

if($login=="wrong"){
$return=ACCESS_CODE_ERROR_WRONG;
}

else if($login=="missing"){
$return=ACCESS_CODE_ERROR_MISSING;
}

require("login_form.php");
?>

 

 

[dannyb785]

 

 

You should always add error handling to your queries:

 

 

only during production. And get rid of them once everything is working correctly

[nitation]

@dannyb

 

Thanks for your post. But what you have posted is not the most important path in solving my problems. Read my problem and proffer a solution.

Thanks 

[dannyb785]

Your code has many issues and to solve it would require me to write it all. Look over all of the replies so far and use what you know about php to figure it out. I don't know what I know bc people told me everything. I had to sit through hours of trouble-shooting jus to get one dumb thing to work before.

[nitation]

When u say my code have got issues, what do u mean. A user can simply login without stress before i came up with the idea of last login thing. Anyway, the greatest help you can render for me is to assist on how to update my database to display the last login date for a user.

 

Thanks in advance

[Rowno]

You need to use a function to select the appropriate data you got from the SELECT mysql data resource, like they're saying, by using a function like mysql_result() and like they said, the $lastlogin and $id variables haven't been set anywhere in the script which means they have no value. Try placing this code between the SELECT and UPDATE mysql queries:

$id = mysql_result($sqllog,0,id);
$lastlogin = mysql_result($sqllog,0,lastlogin);

[dannyb785]

A user can simply login without stress before i came up with the idea of last login thing.

 

Did you type up the code when it was working? Did you know what you were doing? If I ask you to grab user "bobbyjoe" and tell me his user id, could you do that? You need to know how to grab info from a table and process it correctly to get the info. putting a quert into a variable $sql isn't going to magically put the last value into $lastlogin

[Rowno]

You got that right ^

[nitation]

Ok guys. can u give me a sample code that will update the last login of a user in my database

[nitation]

Till now, no sample from anyone. Thank you

[Psycho]

 

 

You should always add error handling to your queries:

 

 

only during production. And get rid of them once everything is working correctly

 

No, you should ALWAYS have error handling - period. How you implement that error handling can be different during development (e.g. echo'ing the error directly to the page) than in production where you should show a "friendly" error message to the user and save the actual error to a log file or some other back-end reporting repository.

 

Not sure what your experience has been. But in my 10 years in software a product is in "production" when you release it to the end-user.

[Psycho]

Till now, no sample from anyone. Thank you

 

You never replied with a response from the code I provided in Reply#3. That code will echo to the page the exact content of your query. I am betting that either one or both of those variables are not set. But, I cannot magically deduce all of the included code that I cannot see to tell how those variables are set.

 

Please post the output of the code I posted in Reply#3 with it inserted into the current page where the queries currently reside.

[nitation]

Hello,

 

According to your last instruction, i outputted the code you provided in reply#3 and i go the below;

 

Query 1: SELECT * FROM register_account WHERE account_number='' AND account_key='' AND status='1'
Query 2: UPDATE register_account SET lastlogin= '' where id=''

[nitation]

I added this query to my code and it's updating all the users in the table

 

$sqlsub=mysql_query("UPDATE register_account  SET  lastlogin= '$lastlogin'");

[Psycho]

As I suspected the values for the variables were never set!

 

Base upon your Reply #4 you are posting a form to this particular page. I see where you are apparently including the YEAR in a hidden loastlogin field. How are you setting $lastlogin with that value? Are you assuming register globals is on? In any event I wouldn't use a hidden field, just let PHP set it when the query is run.

 

You aren't using the right references to get the vlues from the form POST and you are not extracting the values from the 1st query.

 

Try this:

 

<?php

$account_number = mysql_real_escape_string($_POST['account_number']);
$account_key = mysql_real_escape_string($_POST['account_key']);

$query = "SELECT * FROM  register_account WHERE account_number='$account_number'  AND  account_key='$account_key' AND status='1' ";
echo "Query 1: $query<br>";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");

if (!mysql_num_rows($sqllog))
{
    echo "Error user does not exist!";
}
else
{
    $user = mysql_fetch_assoc($sqllog);
    //I am making an assumption that the column name is id
    $query = "UPDATE register_account  SET  lastlogin= '".date("Ymd")."' where id='".$user['id']."'";
    echo "Query 2: $query<br>";
    $sqllog=mysql_query($query) or die (mysql_error()."<br>$query");
}

?>

[dannyb785]

 

 

You should always add error handling to your queries:

 

 

only during production. And get rid of them once everything is working correctly

 

No, you should ALWAYS have error handling - period. How you implement that error handling can be different during development (e.g. echo'ing the error directly to the page) than in production where you should show a "friendly" error message to the user and save the actual error to a log file or some other back-end reporting repository.

 

Not sure what your experience has been. But in my 10 years in software a product is in "production" when you release it to the end-user.

 

I meant development when I said production. my baaaaad.

[nitation]

As I suspected the values for the variables were never set!

 

Base upon your Reply #4 you are posting a form to this particular page. I see where you are apparently including the YEAR in a hidden loastlogin field. How are you setting $lastlogin with that value? Are you assuming register globals is on? In any event I wouldn't use a hidden field, just let PHP set it when the query is run.

 

You aren't using the right references to get the vlues from the form POST and you are not extracting the values from the 1st query.

 

Try this:

 

<?php

$account_number = mysql_real_escape_string($_POST['account_number']);
$account_key = mysql_real_escape_string($_POST['account_key']);

$query = "SELECT * FROM  register_account WHERE account_number='$account_number'  AND  account_key='$account_key' AND status='1' ";
echo "Query 1: $query<br>";
$sqllog=mysql_query($query) or die (mysql_error()."<br>$query");

if (!mysql_num_rows($sqllog))
{
    echo "Error user does not exist!";
}
else
{
    $user = mysql_fetch_assoc($sqllog);
    //I am making an assumption that the column name is id
    $query = "UPDATE register_account  SET  lastlogin= '".date("Ymd")."' where id='".$user['id']."'";
    echo "Query 2: $query<br>";
    $sqllog=mysql_query($query) or die (mysql_error()."<br>$query");
}

?>

 

The code you provided, where do i run it from. Should it be from my login.php or what? Also, i believe you not considering my main.php code that i provided earlier. What will happen to it. Have a look at the main.php again

 

<?
include("session.php");
include("connect.php");
include("includes/en.php");



$return=ENTER_ACCESS_CODE;

if($login=="wrong"){
$return=ACCESS_CODE_ERROR_WRONG;
}

else if($login=="missing"){
$return=ACCESS_CODE_ERROR_MISSING;
}

require("login_form.php");
?>

 

Hope you understand my question right.

[nitation]

This is the login_form.php

 

<FORM name=form1 action="login.php" method=post>
<input name="lastlogin" type="hidden" value="<? echo date("Y"); ?>">

<input name="account_number" type="text" id="account_number">
<input name="account_key" type="password" id="account_key">
<input type="submit" name="log" value="Login">