CODEWITHSUNDEEP
phpmysql
Sauced Apples
Sauced Apples

Reputation: 1173

SQL Update for userid

I am trying to up date a field in my table, for last logged in IP's.

All I have managed to do is create a new user row when logging in (ip insert only) but cannot get it to update the field for specific userid.

Login function:

    public function login($username,$email,$password,$lastLogIp){

       try{
          $stmt = $this->db->prepare("SELECT * FROM users WHERE username=:username OR email=:email LIMIT 1");
          $stmt->execute(array(':username'=>$username, ':email'=>$email));
          $userRow=$stmt->fetch(PDO::FETCH_ASSOC); 
          if($stmt->rowCount() > 0){
             if(password_verify($password, $userRow['password'])){
                $_SESSION['session'] = $userRow['id'];
                $stmt = $this->db->prepare("UPDATE users SET lastlogip=:lastlogip WHERE id=:id");
                $stmt->bindParam(":lastlogip", $lastLogIp);      
                $stmt->bindParam(":id", $id);                      
                $stmt->execute(array(":lastlogip"=>$lastLogIp, ":id"=>$id));
                return true;
             }else{
                return false;
             }
          }
       }
       catch(PDOException $e){
           echo $e->getMessage();
       }
   }

Login Page:

<?php
ini_set('display_errors', '1');
require_once '../includes/conn.php';

if($user->is_loggedin()!=""){
    $user->redirect('../admin/index.php');
}

if(isset($_POST['login'])){
    $username = $_POST['username_email'];
    $email = $_POST['username_email'];
    $password = $_POST['password'];

    if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARTDED_FOR'] != '') {
        $lastLogIp = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        $lastLogIp = $_SERVER['REMOTE_ADDR'];
    }

    if($user->login($username,$email,$password,$lastLogIp)){
        $user->redirect('../admin/index.php');
    }else{
        $error = "Login details provided do not match out records.<br /><br />";
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>EpicOwl UK | CMS Admin Panel Login</title>
    <meta charset="utf-8">
    <link rel="shortcut icon" href="../images/favicon.ico" type="image/x-icon" />
    <link rel="stylesheet" type="text/css" href="../css/main.css">
</head>
<body>
<div id="header">
    <a href="../index.php"><img id="logo" src="../images/logo.png" /></a>
    <div id="navigation">
        <img src="../images/home.png" class="nav" /><a href="../index.php" class="navigation">Home</a>
    </div>
</div>
<div id="content">
    <br /><br /><h1>Administrator Login</h1><br />
    <div id="spacer1"></div>
    <div id="spacer2"></div><br />
    <form method="post"><br /><br />
    <div id="newsborderouter">
        <div id="newsborder">
            <?php
            if(isset($error)){
            ?>
            <em><?php echo $error; ?></em>
            <?php
                }
            ?>
            <input class="input" type="text" name="username_email" placeholder="Username/Email" autocomplete="off" /><br /><br />
            <input class="input" type="password" name="password" placeholder="Password" autocomplete="off" /><br /><br />
            <button class="login" type="submit" name="login">Login</button><br /><br /><br />   
            <label>Don't have an account?<br />Why not register one by clicking <a href="./register.php">HERE</a><br /><br /></label>
    </form>
        </div>
    </div><br /><br /><br /><br />
</div>
</body>
</html>

Upvotes: 1

Views: 59

Answers (1)

Xyv
Xyv

Reputation: 739

Make sure the ID you search for in your UPDATE statement's WHERE-clause is valid. When the Database has no hits for the WHERE-clause, nothing will be updated.

So as you suggested in the comment section, you could use $userRow['id'] instead of $id, which is undefined (I assume).

Did you also notice you're binding values twice? I don't think this will do any harm, but just mentioning c:

Upvotes: 1

Related Questions