Text log for Login

[RidgeandGable]

Hi guys

 

I have a php login form and I would like to create either a text file with loging username and date or a table with the same details.

My log uses Mysql table "users" with an ID, Username and Password, can anyone offer some help. I have no idea how or where to start or what is best

 

CHeers

[RidgeandGable]

after much googling n searching I've come up with this, but not sure if it will do the job?

 

mysql_query("UPDATE tbllog SET LastLogin=now() WHERE Username='$Username'"); 

 

am I on the right track?

[RidgeandGable]

I managed to get the date part working using

 

mysql_query("INSERT INTO logs SET Date = NOW()");

But I cannot get the username to pass

The full code of page is:

 

<?php
$colname_Recordset1 = "1";
if (isset($_SESSION['MM_Username'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_Harry, $Harry);
$query_Recordset1 = sprintf("SELECT * FROM users WHERE Username = '%s'", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $Harry) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

mysql_select_db($database_Harry, $Harry);
$query_Recordset2 = "SELECT * FROM logs";
$Recordset2 = mysql_query($query_Recordset2, $Harry) or die(mysql_error());
$row_Recordset2 = mysql_fetch_assoc($Recordset2);
$totalRows_Recordset2 = mysql_num_rows($Recordset2);

 session_start() ?>
<?php

mysql_query("INSERT INTO logs SET Date = NOW()");

$colname_Recordset1 = "1";
if (isset($_SESSION['MM_Username'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_Harry, $Harry);
$query_Recordset1 = sprintf("SELECT BalanceDue, AccountStatus FROM users WHERE Username = '%s'", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $Harry) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1); 


?>

[mac_gyver]

i'm not intentionally trying to give you a hard time, i promise. but the posted code is a copy/paste fail. you have code that's not accomplishing anything useful (a select query on the logs table), duplicate code  (checking the session variable and running a select query on the users table, two different times), and code that's out of date and not secure (the magic quotes/addslashes business).

 

rather than to follow along with the bad code that Dreamweaver produces, you need to actually learn to program and write your own code that does what you want it to do.

 

you need to start with having a stated goal. do you want to log ALL log-in attempts, successful ones and incorrect ones, or just the successful ones?

 

what data do you want to store (what data is available)? some suggestions - ip address, username, datetime, and a success/fail status.

 

next, you would form and run the INSERT query at the correct point in your program logic. the code you have posted doesn't actually have any log-in logic in it to be able to help you. in fact, the posted code isn't using any form variables, so it's unlikely that this is your log-in authentication code at all. if you are logging just the successful log-in attempts, you would form and run the INSERT query inside the successful login code. if you are logging both successful and failed log-in attempts, you would just set up the success/fail status value in the code and then form and run the INSERT query after the point where you have determined the correct/failed log-in state.

[RidgeandGable]

Hi

Cheers for the reply

Yeap your right, I added this code in the wrong area, It was added to a the after login page. I changed this last night to the log in page and managed to get the date inserting properly but still can't get any username added in.

I found the code in a book on php and thought it was what I was looking for. 

The login page was created using Dreamweaver and is working for now. The site is complete for what I need.

The goal of this sections it to create a Log when users log in.

I have the table created called logs has ID, Username and Date, I just want to capture the date and Username of a logged in user, no need for IP address as the only people to use this site would be my customers only.

The loging page uses the session MM_Username and username and password are in the form for entering the data. I thought it would be simple enough to copy this username from the $_SESSION MM_Username but that throws up errors about ; and "

Cheers

[RidgeandGable]

After looking again, I've come up with this:

//declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	
	$update =("UPDATE users SET LastLogin = NOW(), WHERE Username = '$MM_Username'");   
	$result = mysql_query($update) or die (mysql_error()); 

But I now get an error on Login - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE Username = 'DM4571'' at line 1

The DM4571 Is the user that I tried to login with

Any help on that and I think I'm sorted 

[RidgeandGable]

SOLVED , I had an extra "," behind Now() all fixed and working

 

Mac_yver

I take on board what you said and I will soon be learner Mysqli and doing away with the bad dreamweaver, but for now, I need the site up and running to stop the customers from complaining about paper invoice etc. Dreamweaver was quick to install and setup although the errors in php code it produces does slow things down and "php helpers" are reluctant to help as soon as dreamweaver is mentioned. No excuses, but I am a father of 2 young kids with disabilitys and work almost 24/7 running my own roofing business and don't always have the time to sit down and read and learn in full so i can only manage a little bit at a time. But thank you for your help and advise and I as soon as free time pops up, I will be learning it without dreamweaver.

Thanks Again

 

Harry