Php 如何在数据库中插入用户注销的时间?
我成功地编写了登录的代码…当用户登录时,登录的时间写在数据库中Php 如何在数据库中插入用户注销的时间?,php,mysql,Php,Mysql,我成功地编写了登录的代码…当用户登录时,登录的时间写在数据库中 session_start(); $query = mysql_query("SELECT * FROM users"); $result = mysql_fetch_array($query); if(!empty($_POST['username']) && !empty($_POST['password'])){ $username = ($_P
session_start();
$query = mysql_query("SELECT * FROM users");
$result = mysql_fetch_array($query);
if(!empty($_POST['username']) && !empty($_POST['password'])){
$username = ($_POST['username']);
$password = ($_POST['password']);
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$result = mysql_query("SELECT * FROM users WHERE username = '$username' AND status = '1'");
if(mysql_num_rows($result) == 1) {
mysql_query("INSERT INTO entry(id, username_id, entry_time) VALUES ('', 'bkrpan', NOW()) ");
header("Location: admin.php");
exit; }
$result = mysql_query("SELECT username FROM users WHERE username = '$username' AND password = '$password'");
if(mysql_num_rows($result) == 1) {
mysql_query("INSERT INTO entry(id, username_id, entry_time) VALUES ('', '$username', NOW()) ");
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: users.php");
exit; }
echo "Login failed! You will be redirected.";
echo "<meta http-equiv=\"refresh\" content=\"2;URL=index.php\">";
}
else {
echo "Login failed! You will be redirected.";
echo "<meta http-equiv=\"refresh\" content=\"2;URL=index.php\">";
}
session_destroy();
但是…现在我不知道如何制作注销代码。
这是我做的东西,但不起作用
<?php
mysql_connect("localhost", "root", "") or die("cannot connect");
mysql_select_db("zavrsni_rad") or die("cannot select DB");
session_start();
$username = $_SESSION['username'];
$sql = "SELECT * FROM users WHERE username = ".$username." AND password = ".$password;
$result = mysql_query($sql);
if(mysql_num_rows($result) == 1) {
$sql_2 = "INSERT INTO entry(username_id, entry_time) VALUES (".$username.", NOW() )";
mysql_query($sql_2);
}
session_destroy();
header("location: index.php");
?>
您忘记了查询中的单引号,因此无法获得$password的值
$sql = "SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'";
$sql_2 = "INSERT INTO entry(username_id, entry_time) VALUES ('".$username."', NOW())";
为清晰起见进行了更新
<?php
session_start();
// check that the session exists first
if(isset($_SESSION['username'])) {
// you should put your db connection in a config.php file and use mysqli or PDO - what you're using is depreciated
mysql_connect("localhost", "root", "") or die("cannot connect");
mysql_select_db("zavrsni_rad") or die("cannot select DB");
// don't think I'd store password in a session...
// also, is username UNIQUE in your database?
// also, also, ALWAYS escape (sanitize) your database input to prevent agains SQL injection
$sql = "SELECT username, password
FROM
users
WHERE
username = '".mysql_real_escape_string($_SESSION['username'])."'
AND
password = '".mysql_real_escape_string($_SESSION['password'])."'";
$result = mysql_query($sql) or die('sql: '.mysql_error());
if(mysql_num_rows($result) > 0) {
$sql_2 = "INSERT INTO entry(username_id, entry_time) VALUES ('".mysql_real_escape_string($_SESSION['username'])."', NOW())";
mysql_query($sql_2) or die('sql2: '.mysql_error());
session_destroy();
header("location: index.php");
} else {
echo 'There was an error. You have not been logged out.';
}
}
它不起作用意味着什么?你有白色的屏幕吗?错误消息?没有添加任何内容?添加了错误的数据?正确的数据,到了错误的地方?这意味着数据库是空的…时间没有添加到数据库中…我被重定向到index.php,这很好检查会话是否首先存在-它存在于login.php中--另外,用户名在数据库中是唯一的吗?-它是---我复制了你的代码…它和以前一样…我没有时间写在数据库中检查会话的存在是无害的,可以避免问题-在做任何重要的事情之前做这件事是个好主意。密码设置好了吗?尝试将mysql\u error添加到两个查询中,看看您的错误是什么:mysql\u query$sql\u 2或diemsql\u error;哦,会话是在login.php中设置的,这并不意味着它将存在于其他脚本中。如果用户退出浏览器,然后返回logout.php,则不会设置会话,但您将运行代码。这就是为什么要检查会话是否已设置。