Jump to content

Recommended Posts

	
.............

else if(empty($password)){
		$errorMsg[]="please enter password";
	}
	else
	{
		try
		{
			$select_stmt=$db->prepare("SELECT * FROM tbl_user WHERE username=:uname OR email=:uemail");
			$select_stmt->execute(array(':uname'=>$username, ':uemail'=>$email));
			$row=$select_stmt->fetch(PDO::FETCH_ASSOC);
			
			if($select_stmt->rowCount() > 0)
			{
				if($username==$row["username"] OR $email==$row["email"])
				{
					if(password_verify($password, $row["password"]))
					{
						$_SESSION["user_login"] = $row["user_id"];
					
						//----------------
                        $pdo_statement=$db->prepare("update tbl_user set logins=7 where user_id=2");
        	            $result = $pdo_statement->execute();
						//----------------

						$loginMsg = "Successfully Login...";
						header("refresh:2; welcome.php");

					}
					else

hey guys iam starting to learn during this crysis php :-). I got stucked with this pdo style..... i like to count logins, i tryed and figured out i can use the id... but my  question is how  can replace this "where user_id=2" to get the specific ID for the current user login in? the count function i i know how to make the... first i want to know how to write the syntax  of this pdo......

thank you :-)

Link to comment
https://forums.phpfreaks.com/topic/310809-counting-logins/
Share on other sites

1 hour ago, cybershit said:

update tbl_user set logins=7 WHERE user_id = '"

It is not complicated.  Use  a parameter:

$pdo_statement=$db->prepare("update tbl_user set logins=7 where user_id=:userId");
$result = $pdo_statement->execute(array(':userId' => $_SESSION['user_login']['user_id']));

Also, you do not ever need to have a ';' at the end of your SQL query.  Using the API is not the same as being in the mysql command line client -- each statement is going to be sent for you.  

Link to comment
https://forums.phpfreaks.com/topic/310809-counting-logins/#findComment-1578156
Share on other sites

no you are right SIR  its not very complicated but the syntax is really crazy for beginner ......

 but i have one last question please...

$login_counter = $row['logins'] +1;

//------your code ----------
			
$pdo_statement=$db->prepare("update tbl_user set logins=$login_counter where user_id=:userId");
$result = $pdo_statement->execute(array(':userId' => $_SESSION['user_login']['user_id']));
         
// ------my code  ---------

$sql = $db->prepare("UPDATE tbl_user SET logins=$login_counter WHERE user_id = '".$_SESSION['user_login']['user_id']."';");
$sql->execute();

what is finally the difference in the point

3 ) Never put variables into a query. That's why "prepare" is used.

?

Link to comment
https://forums.phpfreaks.com/topic/310809-counting-logins/#findComment-1578158
Share on other sites

18 hours ago, cybershit said:

what is finally the difference in the point

image.png.109e4480fe6d842a76d638894bf414c7.png

At the risk of stating the bleedin' obvious,

  • the first set of code above uses a placeholder (:userId) and passes the user id value in the execute() call. This is the correct way to use prepare().
  • The second puts the user id value directly into the query string.

BTW, you stored the user id in $_SESSION[''user_login'] and not in $_SESSION['user_login']['user_id'].

Link to comment
https://forums.phpfreaks.com/topic/310809-counting-logins/#findComment-1578183
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.