Jump to content


Photo

Problem logging users


  • Please log in to reply
6 replies to this topic

#1 DaveMate

DaveMate
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 22 August 2006 - 12:08 PM

Hi all,

I'm trying to autherise users, and then log activity, so I thought that this type of thing would work, but it's just not any ideas?


<?
require( "common.php" );  // where the vars for database login are stored

$auth = false; 

if (isset ($_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW']  )) {

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$query="SELECT * FROM usernamepassword WHERE User = '".$_SERVER['PHP_AUTH_USER']."'AND Pass = '".$_SERVER['PHP_AUTH_PW']."'";
$result=mysql_query($query);
$num=mysql_numrows($result);

if ( $num != 0 ) {
$auth = true;
    }
}

if ( ! $auth ) {
    header( 'WWW-Authenticate: Basic realm="Private"' );
    header( 'HTTP/1.0 401 Unauthorized' );
    echo 'Authorization Required.';
    exit;

} else {

$query = "INSERT INTO log_user_activity ('UserID', 'URL', 'Time') VALUES ('1', '2',' 3')";


}
mysql_close();
?>

I was just trying to get the values 1, 2, and 3 into the database, and then work from there to get the userID the page and the time using system vars at a later date...

Is there somethig obvious that I've missed, or can anyone think of a better / more simple way..

Thanks in advance...


Dave


#2 ober

ober
  • Staff Alumni
  • Advanced Member
  • 5,337 posts
  • LocationEast Coast, USA

Posted 22 August 2006 - 12:11 PM

Is that all of your code?  I don't see a call to mysql_query() anywhere after you make the query.

Info: PHP Manual


#3 DaveMate

DaveMate
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 22 August 2006 - 12:18 PM

Hi Ober,

Erm Busted, yeah that was all my code (it's an include in the pages I wanted to have secure / loged)

So I need to call the query even with an insert? Is that the same as with a select of different?

Thanks

Dave..

#4 ScottRiley

ScottRiley
  • Members
  • PipPipPip
  • Advanced Member
  • 59 posts

Posted 22 August 2006 - 01:54 PM

Yeah, you need a mysql_query($query) somewhere, all that code does is declare a variable '$query'.

#5 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 22 August 2006 - 01:58 PM

$query = "SELECT ...
Just makes the var $query have that value

You can do
$varnam = mysql_query("SELECT ...

but I dont recommend this, as if you have an error, you can just echo $query, to check the vars are parsing ok
Tell me the problem, I will try tell you the solution

#6 DaveMate

DaveMate
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 22 August 2006 - 02:38 PM

Thanks guys,

It was like a penny dropping... I think I understand now.... This is what I ended up with just for the record:

mysql_query ("INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')");

Onwards and upwards...


Dave.



#7 ScottRiley

ScottRiley
  • Members
  • PipPipPip
  • Advanced Member
  • 59 posts

Posted 22 August 2006 - 03:39 PM

Personally, I prefer to store the query as a string, and then call it using the variable.  For example:

<?php 
                  $query"INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')";
                  mysql_query($query); //basically the same as what you done, except you have the sql   syntax stored as a variable, which is useful
?>

This way, like onlyican said, if anything goes wrong you can always 'echo $query' to ensure that all the variables are being passed correctly.  Other than that, onward and upward it is ;)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users