Jump to content

Archived

This topic is now archived and is closed to further replies.

DaveMate

Problem logging users

Recommended Posts

Hi all,

I'm trying to autherise users, and then log activity, so I thought that this type of thing would work, but it's just not any ideas?


<?
require( "common.php" );  // where the vars for database login are stored

$auth = false; 

if (isset ($_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW']  )) {

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$query="SELECT * FROM usernamepassword WHERE User = '".$_SERVER['PHP_AUTH_USER']."'AND Pass = '".$_SERVER['PHP_AUTH_PW']."'";
$result=mysql_query($query);
$num=mysql_numrows($result);

if ( $num != 0 ) {
$auth = true;
    }
}

if ( ! $auth ) {
    header( 'WWW-Authenticate: Basic realm="Private"' );
    header( 'HTTP/1.0 401 Unauthorized' );
    echo 'Authorization Required.';
    exit;

} else {

$query = "INSERT INTO log_user_activity ('UserID', 'URL', 'Time') VALUES ('1', '2',' 3')";


}
mysql_close();
?>

I was just trying to get the values 1, 2, and 3 into the database, and then work from there to get the userID the page and the time using system vars at a later date...

Is there somethig obvious that I've missed, or can anyone think of a better / more simple way..

Thanks in advance...


Dave

Share this post


Link to post
Share on other sites
Is that all of your code?  I don't see a call to mysql_query() anywhere after you make the query.

Share this post


Link to post
Share on other sites
Hi Ober,

Erm Busted, yeah that was all my code (it's an include in the pages I wanted to have secure / loged)

So I need to call the query even with an insert? Is that the same as with a select of different?

Thanks

Dave..

Share this post


Link to post
Share on other sites
$query = "SELECT ...
Just makes the var $query have that value

You can do
$varnam = mysql_query("SELECT ...

but I dont recommend this, as if you have an error, you can just echo $query, to check the vars are parsing ok

Share this post


Link to post
Share on other sites
Thanks guys,

It was like a penny dropping... I think I understand now.... This is what I ended up with just for the record:

mysql_query ("INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')");

Onwards and upwards...


Dave.

Share this post


Link to post
Share on other sites
Personally, I prefer to store the query as a string, and then call it using the variable.  For example:

[code]<?php
                  $query"INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')";
                  mysql_query($query); //basically the same as what you done, except you have the sql  syntax stored as a variable, which is useful
[/code]?>

This way, like onlyican said, if anything goes wrong you can always 'echo $query' to ensure that all the variables are being passed correctly.  Other than that, onward and upward it is ;)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.