[RESOLVED] Sessions

kallison

I have a page that updates column "logins" in tblCustomer each time the user logs in to the CustomerPage.php, however if they navigate away from the page (which they will have to do), the column updates again when they return to the CustomerPage. How can I ensure that the column updates only once during the session? I am very much a novice and hope I am not getting in over my head. :rolleyes:

My code is as follows:

$Logs= $row_rsUser['logins'];
$cat = $row_rsUser['catID'];
$cust = $row_rsUser['CustomerID'];
if ($Logs>3){
	header( 'Location: http://www.kallison.ca/expiry.php' ) ;
}
else{

 if ($cat=2){
mysql_query("UPDATE tblCustomer SET logins = (logins)+1 WHERE CustomerID=$cust");
 } 
}

bradgrafelman

Start a session (see [man]session_start/man) and in the processing code, check to see if a certain session variable is set (whatever you feel is most descriptive). If not, do the UPDATE query and then set that variable.

How are you currently doing user authentication? In other words, once they login, how does that login information persist from one request to another? If you're using cookies, you could use the same approach above only using the cookie rather than using both sessions and cookies. Note, however, that any data stored in a cookie should not be considered safe against modification (malicious or not), thus sessions may still be a more ideal choice.

Also, note that you've got an error in your code snippet above:

if ($cat=2){

Here, you're assigning the value of 2 to the variable $cat. In other words, this:

if ($cat=2){ 
mysql_query("UPDATE tblCustomer SET logins = (logins)+1 WHERE CustomerID=$cust"); 
}

is equivalent to writing this:

$cat=2;
mysql_query("UPDATE tblCustomer SET logins = (logins)+1 WHERE CustomerID=$cust");

kallison

Thanks. I have all of that figured out, now I have another quandary. I need to compare the current date with the expiry date stored in the Mysql table. What is the best way to do that?

bradgrafelman

Can you give us more information about the context of this comparison? MySQL is perfectly capable of telling you that information itself (and/or only SELECT'ing rows that meet that criteria in the first place). For example, you could either add an an IF() function call to the columns you're SELECT'ing to indicate whether a given row has "expired" or not, or you could simply add the date comparison to the WHERE clause.

Either way, the comparison itself is pretty simple - just do a simple less-than or greater-than comparison between the expiry date column and CURDATE().

kallison

Thanks again. I believe that I have it all figured now. Things appear to be working.