Jump to content

need this field to + 1


astralaaron

Recommended Posts

$log = mysql_query("UPDATE members SET log = log + 1 WHERE user = '$user' AND password = '$pw' ");if(!$log){die('error: ' mysql_error());}the code does not die but the log field does not get +1log is the name of the field in my database that I need to set to 1.. i triedSET log = 1 how can I do that? whats wrong with my syntax?

Link to comment
Share on other sites

i just did the same query in phpMyAdminUPDATE members SET log = log + 1 WHERE user = '449a36b6689d841d7d27f31b4b7cc73a' AND password = 'b0baee9d279d34fa1dfd71aadb908c3f';it did not return an error, but it still did not update the log field!i have the log field default to 0.. is that causing a problem?

Link to comment
Share on other sites

I found some php functions have a character limit for the parameters. Maybe mysql_query can only take a certain number of characters in each parameter. In this case your query with two md5 values may have exceeded the limit. When you removed the password, the number of characters might have been low enough. If you substitute with a variable it might work?

Link to comment
Share on other sites

I can't still get this (as I wrote in another thread...) why (oh why???) do you encrypt the username??????

Link to comment
Share on other sites

I am in no way an expert, but it might be worth incrementing it with '++'.If this is utter nonsence (which it probably is) please tell me!

Link to comment
Share on other sites

I am in no way an expert, but it might be worth incrementing it with '++'.If this is utter nonsence (which it probably is) please tell me!
SET log = log + 1 works fine** but the whole Idea i had to show how many users are online turned out to be a bad one as 'Justsomeguy' pointed out. most people leave the website without logging out so they would not get the SET log = log - 1 on the logout page.. :-(
Link to comment
Share on other sites

lol I was recomended by people here on the forums to md5 the username / password
It is a good idea to hash the password (it's better to use other ones such as sha1,sha256,whirlpool, etc.), but the username is probably not necessary if it is for something like a forum where you see the names of the users unless you have them sign in with a different name.
Link to comment
Share on other sites

It is a good idea to hash the password (it's better to use other ones such as sha1,sha256,whirlpool, etc.), but the username is probably not necessary if it is for something like a forum where you see the names of the users unless you have them sign in with a different name.
i actually have the unhashed username stored in another field so I can display the name lol.. the one that is hashed is strtolower()and when the user types in the username it is strtolower() to make it so if they type john as JoHN they will still loginbut the username that is displayed is like when they registerd.. so if they registerd as JoHn and login as john. it will display JoHn
Link to comment
Share on other sites

Yeah, but there's still no good reason to encrypt the username, once you have encryptet the username you can't get it in plain text again.Here some problems that I know would bug me...Can't extract the username from the dbWhen listing it's nice to be able to seperate different users (except for the id): users can have the same (full) name, and/or the same email (not usual to have the same emal, but it happens...)Identify the user (other than by the id)As a user:Can't see what my username isetcDo you know any good reasons to why encrypt the username?? (cause I don't......)Edit: response on asralaarons last post: you can accomplish that without encrypting the username or use two fields with the same value (except for case)

Link to comment
Share on other sites

Yeah, but there's still no good reason to encrypt the username, once you have encryptet the username you can't get it in plain text again.Here some problems that I know would bug me...Can't extract the username from the dbWhen listing it's nice to be able to seperate different users (except for the id): users can have the same (full) name, and/or the same email (not usual to have the same emal, but it happens...)Identify the user (other than by the id)As a user:Can't see what my username isetcDo you know any good reasons to why encrypt the username?? (cause I don't......)Edit: response on asralaarons last post: you can accomplish that without encrypting the username or use two fields with the same value (except for case)
no i dont know any good reason, i wasnt really given the reason someone(dont remember exactly who) told me its a good idea to do it.. so i listened. but in future jobs I will just encrypt the password
Link to comment
Share on other sites

The way you described it doesn't make any sense. It just takes up more space doing it that way. If you want to get the username from the db like they registered instead of what they typed to login, just get the info from the db and put it in the session instead of $_POST.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...