Mickey400z Posted May 14, 2010 Share Posted May 14, 2010 I'm trying to update a field in my MySQL database when a user logs in or logs out. I figure a simple 0 or 1 choice will do. I'm trying to get my head wrapped around how I add this function to my login script when the user hits "submit" or the user hits "logout" or his session expires. The field is pretty simple; "online" Here's my login code. <?php require_once('connectvars.php'); require_once('appvars.php'); // Start the session session_start(); // Clear the error message $error_msg = ""; // If the user isn't logged in, try to log them in if (!isset($_SESSION['clientid'])) { if (isset($_POST['submit'])) { // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); // Grab the user-entered log-in data $user_username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $user_password = mysqli_real_escape_string($dbc, trim($_POST['password1'])); if (!empty($user_username) && !empty($user_password)) { // Look up the username and password in the database $query = "SELECT clientid, username FROM clients WHERE username = '$user_username' AND password1 = SHA1('$user_password')"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 1) { // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page $row = mysqli_fetch_array($data); $_SESSION['clientid'] = $row['clientid']; $_SESSION['username'] = $row['username']; setcookie('clientid', $row['clientid'], time() + (60 * 60 * 24 * 30)); // expires in 30 days setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30)); // expires in 30 days $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php'; header('Location: ' . $home_url); } else { // The username/password are incorrect so set an error message $error_msg = 'Sorry, you must enter a valid username and password to log in.'; } } else { // The username/password weren't entered so set an error message $error_msg = 'Sorry, you must enter your username and password to log in.'; } } } // Insert the page header // $page_title = 'Log In'; // require_once('header.php'); // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in if (empty($_SESSION['clientid'])) { echo '<p class="error">' . $error_msg . '</p>'; ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" > <div align="center"> <legend align="left">Log In</legend> <label for="username"> Username: </label> <p> <input type="text" name="username" value="<?php if (!empty($user_username)) echo $user_username; ?>" /> </p> <label for="password1"> Password: </label> <p> <input type="password" name="password1" /> </p> <p> <input type="submit" value="Log In" name="submit" /> Register free <a href="signup.php" target="_blank" class="style1">here</a> </p> </div> </form> <?php } else { // Confirm the successful log-in echo('<p class="button" id="slogan">You are logged in as ' . $_SESSION['username'] . '.</p><br><a href="logout.php">Logout</a>'); } ?> Any insight would be appreciated Quote Link to comment Share on other sites More sharing options...
ignace Posted May 14, 2010 Share Posted May 14, 2010 Please read http://www.phpfreaks.com/forums/index.php/topic,297928.msg1411079.html#msg1411079 Quote Link to comment Share on other sites More sharing options...
Mickey400z Posted May 14, 2010 Author Share Posted May 14, 2010 Yeah...I know, I don't ever use logout buttons either. I figured I would give the option though. So based on what you are saying as far as using the creation of the session to set the parameter, ho do I translate that to other queries where I need to display information based on a user being logged in or not. Quote Link to comment Share on other sites More sharing options...
ignace Posted May 14, 2010 Share Posted May 14, 2010 Yeah...I know, I don't ever use logout buttons either. I figured I would give the option though. So based on what you are saying as far as using the creation of the session to set the parameter, ho do I translate that to other queries where I need to display information based on a user being logged in or not. Either store session data in your database or extend the lifetime of your session. If they do press the log-out button you just destroy the session (cf session_destroy) or delete the database record. This is the better way. Quote Link to comment Share on other sites More sharing options...
Mickey400z Posted May 14, 2010 Author Share Posted May 14, 2010 Okay. I've got the theory. The "how" part is kind of screwing me up now...lol. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.