This question already has an answer here:
I'm trying to make an last activity function for an website. but i can't get it to work. I hope you guys can help me out here.
this is my script:
if (isset($_REQUEST['inlog_submit'])){//checks if form is submitted
$user_name = $_REQUEST['username_input'];//request username from inlog_form
$password = $crypt;//gets enqrypted pass
//$tbl_name="user_table"; // Table name
$query = "SELECT * FROM users_table WHERE user_name= '$user_name' AND password='$password'";//query stored in var
$last_activity_query = "UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
$result = mysql_query($query);//var with result of query
$result_update = mysql_query($last_activity_query);
if ($user_name = mysql_fetch_array($result)){//checks inlog data from form with the $result query
$_SESSION['user_name'] = $user_name[user_name];//creates session with username
$_SESSION['password'] = $password[password];//creates session with password
$last_activity_update = mysql_fetch_array($result_update);
header ('Location: admin.php');//when login is correct redirect to specified page
}else{
$error_inlog = 10;//when inlog data is incorrect this error will show
}
}
?>
this is an print screen of my database table:
http://i.stack.imgur.com/xDMGA.png
thanks in advance!
</div>
In your query here:
UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'
Try removing the quotes around date_last_inlog or changing them to backticks:
UPDATE users_table SET date_last_inlog = NOW() WHERE user_name = '$user_name'
Also, don't use the mysql_* functions, use mysqli or PDO instead. Your code is vulnerable to SQL Injection.