DaveMate Posted August 22, 2006 Share Posted August 22, 2006 Hi all,I'm trying to autherise users, and then log activity, so I thought that this type of thing would work, but it's just not any ideas?<? require( "common.php" ); // where the vars for database login are stored$auth = false; if (isset ($_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] )) { mysql_connect(localhost,$username,$password);@mysql_select_db($database) or die( "Unable to select database");$query="SELECT * FROM usernamepassword WHERE User = '".$_SERVER['PHP_AUTH_USER']."'AND Pass = '".$_SERVER['PHP_AUTH_PW']."'"; $result=mysql_query($query);$num=mysql_numrows($result);if ( $num != 0 ) { $auth = true; } } if ( ! $auth ) { header( 'WWW-Authenticate: Basic realm="Private"' ); header( 'HTTP/1.0 401 Unauthorized' ); echo 'Authorization Required.'; exit; } else { $query = "INSERT INTO log_user_activity ('UserID', 'URL', 'Time') VALUES ('1', '2',' 3')";} mysql_close();?> I was just trying to get the values 1, 2, and 3 into the database, and then work from there to get the userID the page and the time using system vars at a later date... Is there somethig obvious that I've missed, or can anyone think of a better / more simple way..Thanks in advance...Dave Quote Link to comment Share on other sites More sharing options...
ober Posted August 22, 2006 Share Posted August 22, 2006 Is that all of your code? I don't see a call to mysql_query() anywhere after you make the query. Quote Link to comment Share on other sites More sharing options...
DaveMate Posted August 22, 2006 Author Share Posted August 22, 2006 Hi Ober,Erm Busted, yeah that was all my code (it's an include in the pages I wanted to have secure / loged)So I need to call the query even with an insert? Is that the same as with a select of different?ThanksDave.. Quote Link to comment Share on other sites More sharing options...
ScottRiley Posted August 22, 2006 Share Posted August 22, 2006 Yeah, you need a mysql_query($query) somewhere, all that code does is declare a variable '$query'. Quote Link to comment Share on other sites More sharing options...
onlyican Posted August 22, 2006 Share Posted August 22, 2006 $query = "SELECT ...Just makes the var $query have that valueYou can do $varnam = mysql_query("SELECT ...but I dont recommend this, as if you have an error, you can just echo $query, to check the vars are parsing ok Quote Link to comment Share on other sites More sharing options...
DaveMate Posted August 22, 2006 Author Share Posted August 22, 2006 Thanks guys, It was like a penny dropping... I think I understand now.... This is what I ended up with just for the record:mysql_query ("INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')");Onwards and upwards...Dave. Quote Link to comment Share on other sites More sharing options...
ScottRiley Posted August 22, 2006 Share Posted August 22, 2006 Personally, I prefer to store the query as a string, and then call it using the variable. For example:[code]<?php $query"INSERT INTO logins (UserID, URL, Time) VALUES ('1', '2',' 3')"; mysql_query($query); //basically the same as what you done, except you have the sql syntax stored as a variable, which is useful[/code]?>This way, like onlyican said, if anything goes wrong you can always 'echo $query' to ensure that all the variables are being passed correctly. Other than that, onward and upward it is ;) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.