Changing boolean on login and logout

Question

I posted a question today because i had problem with putting data in database on login, so that i can display the active users in my websites. So it happened to be one "," the problem. But it was suggested to me to use boolean in my database and if the user hasn't logged my bool called 'ifactive = 0'(deffault) , when user logs in 'ifactive=1'. So i made this transition from 0 to 1 on login and will show you part of the code:

if(isset($_POST['submit']))
{
$uname = mysql_escape_string($_POST['uname']);
$pass = mysql_escape_string($_POST['pass']);
$pass = md5($pass);
$sql = mysql_query("SELECT * FROM `userinfo` WHERE `uname` = '$uname' AND `pass` =  
'$pass'");

if(mysql_num_rows($sql) > 0) {      
    mysql_query("UPDATE `userinfo` SET `ifactive` = 1 WHERE `uname` = '$uname'")  
or die(mysql_error());
    session_start();
    $_SESSION['uname'] = $uname;
    if (isset($_SESSION['uname'])) {

     header('Location: main.php');
}

This part up of the code works correctly, sets the boolean "ifactive" to 1, (this code is in file named login.php, and after login it redirects me to my main page called "main.php". In "main.php" i have put a Logout button, which links to a "logout.php" file where i end the current user session and where i want exactly to reset my boolean "ifactive" to zero:

session_start();
mysql_query("UPDATE `userinfo` SET `ifactive` = 0 WHERE `uname` = '$uname'") or  
die(mysql_error());
mysql_close();
session_destroy();
header("Location: index.php ");

But to make this mysql_query work i have to

include 'login.php';

So that i can use the variables. But here comes the main problem. When i include this login.php i suppose the two "Update" codes somehow fight and the second one doesnt work if you understand what i mean. And now i am reading about global variables but am for now confused about them. I mean to make my Update code in Logout.php work i suppose i do not have to include the whole login.php, i want to include only the variables:

$uname

so that it could be recognised

score 1 · Accepted Answer · answered Feb 27 '14 at 13:57

1

Store $uname in $_SESSION. Then you can just use $_SESSION['uname'] in your query:

session_start();
if(isset($_SESSION['uname'])) {
    mysql_query("UPDATE `userinfo` SET `ifactive` = 0 WHERE `uname` = '$_SESSION['uname']'") or  
    die(mysql_error());
}
mysql_close();
session_destroy();
header("Location: index.php ");

Also, ifactive is an odd column name. I would go with active. Keep it simple. Then you your code looks like:

if($active) ...

instead of

if($ifactive) ...

Which seems like you have a stutter.

answered Feb 27 '14 at 13:57

Digital Chris

6,177
1
20
29

Thank you man i also it really helped me i alse added "mysql_query("SELECT * FROM `userinfo` WHERE `ifactive` = 1 AND `uname` = '$_SESSION[uname]'"); " and included my database connect ! CHeers man! – user3351517 Feb 27 '14 at 14:06
But another question came in my mind, ok I Logout-> session_destroy -> Update ifactive to 0, but if i do not logout from the button , I just close my browser, what is the cure for it? – user3351517 Feb 27 '14 at 14:31
If you want to handle that you should have a `lastActiveTime` and anyone not updated since your expiration period has passed, set them to active=0. You can also add client side javascript but it's not as reliable. – Digital Chris Feb 27 '14 at 14:42
So i have to set a timer for activity – user3351517 Feb 27 '14 at 14:54
On browser refresh my lastActiveTime updates, if there is no browser refresh it doesnt updates and kills the session – user3351517 Feb 27 '14 at 14:55
http://stackoverflow.com/questions/520237/how-do-i-expire-a-php-session-after-30-minutes – Digital Chris Feb 27 '14 at 14:56

Changing boolean on login and logout

1 Answers1