Jump to content

Creating on Online/Offline switch when logging in


Mickey400z

Recommended Posts

I'm trying to update a field in my MySQL database when a user logs in or logs out.  I figure a simple 0 or 1 choice will do.  I'm trying to get my head wrapped around how I add this function to my login script when the user hits "submit" or the user hits "logout" or his session expires.  The field is pretty simple; "online"

 

Here's my login code.

<?php
  require_once('connectvars.php');
  require_once('appvars.php');

  // Start the session
  session_start();

  // Clear the error message
  $error_msg = "";

  // If the user isn't logged in, try to log them in
  if (!isset($_SESSION['clientid'])) {
    if (isset($_POST['submit'])) {
      // Connect to the database
      $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

      // Grab the user-entered log-in data
      $user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
      $user_password = mysqli_real_escape_string($dbc, trim($_POST['password1']));

      if (!empty($user_username) && !empty($user_password)) {
        // Look up the username and password in the database
        $query = "SELECT clientid, username FROM clients WHERE username = '$user_username' AND password1 = SHA1('$user_password')";
        $data = mysqli_query($dbc, $query);

        if (mysqli_num_rows($data) == 1) {
          // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
          $row = mysqli_fetch_array($data);
          $_SESSION['clientid'] = $row['clientid'];
          $_SESSION['username'] = $row['username'];
          setcookie('clientid', $row['clientid'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
          setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
          $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
          header('Location: ' . $home_url);
        }
        else {
          // The username/password are incorrect so set an error message
          $error_msg = 'Sorry, you must enter a valid username and password to log in.';
        }
      }
      else {
        // The username/password weren't entered so set an error message
        $error_msg = 'Sorry, you must enter your username and password to log in.';
      }
    }
  }

  // Insert the page header
// $page_title = 'Log In';
// require_once('header.php');

  // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
  if (empty($_SESSION['clientid'])) {
    echo '<p class="error">' . $error_msg . '</p>';
?>

	  <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" >
        
            <div align="center">
              <legend align="left">Log In</legend>
                            <label for="username">
      Username:
      </label>
      
              <p>
                <input type="text" name="username" value="<?php if (!empty($user_username)) echo $user_username; ?>" />
              </p>
             
              <label for="password1">
      Password:
      </label>
      
        <p>
          <input type="password" name="password1" />
          </p>
        <p>
          <input type="submit" value="Log In" name="submit" />
          Register free <a href="signup.php" target="_blank" class="style1">here</a>        </p>
            </div>
	  </form>

<?php
  }
  else {
    // Confirm the successful log-in
    echo('<p class="button" id="slogan">You are logged in as ' . $_SESSION['username'] . '.</p><br><a href="logout.php">Logout</a>');

  }
?>

Any insight would be appreciated

Yeah...I know, I don't ever use logout buttons either.  I figured I would give the option though.  So based on what you are saying as far as using the creation of the session to set the parameter, ho do I translate that to other queries where I need to display information based on a user being logged in or not.

Yeah...I know, I don't ever use logout buttons either.  I figured I would give the option though.  So based on what you are saying as far as using the creation of the session to set the parameter, ho do I translate that to other queries where I need to display information based on a user being logged in or not.

 

Either store session data in your database or extend the lifetime of your session. If they do press the log-out button you just destroy the session (cf session_destroy) or delete the database record. This is the better way.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.