[SOLVED] Error Handling

ngreenwood6 · September 11, 2008

I am having a problem with getting data from the database. I am trying to have it set so that if a user is logged in it sets the "logged_in" value in the database to 1 which it does. Then if someone else tries to log in with the same username it sees that it is 1 and says someone is already logged in. Here is my code:

<?php
session_start();

//include database variables
include("includes/variables.php");

//get variables from login form
$username = strtolower($_POST['username']);
$password = md5($_POST['password']);
$ip_address = $_SERVER['REMOTE_ADDR'];

//connect to the mysql server
$connect = mysql_connect($host, $db_username, $db_password);

//select the database
$select_db = mysql_select_db($db);

//query to select posted username from database
$query = "SELECT * from $db_user_table WHERE username='$username'";

//query to enter the ip address into the database
$update_query = "UPDATE $db_user_table SET logged_in_ip = '$ip_address', last_ip = '$ip_address' WHERE username = '$username'";

//query to check the database for ip address already logged in
$check_ip = "SELECT * FROM $db_user_table WHERE logged_in_ip = '$ip_address'";
$ip_results = mysql_query($check_ip);
$num_ip = mysql_num_rows($ip_results);

//query to log user in database
$update_user = "UPDATE $db_user_table SET logged_in = '1' WHERE username = '$username'";

//query to check if user is logged in or not
$check_user = "SELECT * FROM $db_user_table WHERE logged_in = '1'";
$user_results = mysql_query($check_user);
$count_users = mysql_num_rows($user_results);

//if users logged in is greater than or equal to 1
if($count_users != 0)
{
$users_row = mysql_fetch_array($user_results);
}

//execute the query
$results = mysql_query($query);

//count the number of rows
$count = mysql_num_rows($results);

//if the username exists fetch the results
if ($count = 1)
{
$row = mysql_fetch_array($results);
}

//if username is blank
if (empty($username))
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "Please enter a username!";
echo "</center>";
include("includes/footer.php");
}

//if password is blank
else if (empty($password))
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "Please enter a password!";
echo "</center>";
include("includes/footer.php");
}

//if username is not in database
else if ($username != $row['username'])
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "That username does not exist in our database. Please try again.";
echo "</center>";
include("includes/footer.php");
}

//if password is not in database
else if ($password != $row['password'])
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "The password you have entered is incorrect. Please try again.";
echo "</center>";
include("includes/footer.php");
}

//if someone is already logged in with the ip address
else if($num_ip == 1)
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "Someone is already logged in with that IP ADDRESS.";
echo "</center>";
include("includes/footer.php");
}

else if($username == $users_row['username'])
{
//include header
include("includes/header.php");

//include login box
include ("includes/login_box.php");

//include news box
include("includes/news_box.php");

echo "<br><center>";
echo "Someone is already logged in with that username.";
echo "</center>";
include("includes/footer.php");
}

//if everything is ok register the username in the session and redirect to logged_in.php
else
{
$update_ip = mysql_query($update_query)
or die("Could not enter information!");

$update_user_logged_in = mysql_query($update_user);

session_start();
$_SESSION['logged_in'] = TRUE;
$_SESSION['username'] = $username;

header("Location:logged_in.php");

}

?>

The problem is that if I log in as the first user in the database it works but any other user it doesnt. Any help is appreciated. Thanks in advance

Maq · September 11, 2008

Why don't you check by IP and if the logged_in value is 1 then there is someone logged in from that same IP?

For your query:

$results = mysql_query("SELECT logged_in FROM $db_user_table WHERE logged_in_ip = '$ip_address'");
$data = mysql_fetch_array($results);

For your elseif statement:

elseif($data['logged_in'] == 1)
{
//user all ready logged in from this IP
}

ngreenwood6 · September 11, 2008

I already have it checking the logged_in_ip. You cannot login two people from the same ip address. I want to be able to not allow a user to log in 2 times to the site from different ip addresses. Any help is appreciated.

Maq · September 12, 2008

If I understand you correctly then do a query for the user. Say, select logged_in from $db_user_table WHERE user = user (trying to log in); If logged_in = 1 then {all ready logged in from another IP} else{Welcome!}.

Hope this helps...

Sign In

[SOLVED] Error Handling

Recommended Posts

ngreenwood6

Link to comment

Share on other sites

Maq

Link to comment

Share on other sites

ngreenwood6

Link to comment

Share on other sites

Maq

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information