My database INSERT
is not functioning.
Here is my code :
<?php
if(isset($_POST['submit'])) {
if(empty($row['login']) AND empty($row['password'])) {
echo "Sorry, but that username and/or password you entered is
incorrect. Please try again.";
$ipaddress = $_SERVER["REMOTE_ADDR"];
$login = mysqli_real_escape_string($conn, $_POST['login']);
$sql_login_tries = mysqli_query($conn,("Insert into login_attempts
('login','ip','tries','last_login')
Values ('$login','$ipaddress','1',Now())"));
$sql_get_tries = mysqli_query($conn,("SELECT * FROM login_attempts
where login = '$login'"))
or die(mysqli_error($conn));
$number_of_tries = mysqli_num_rows($sql_get_tries);
echo $number_of_tries;
if (($number_of_tries) > 2) {
header ("Location: /example.com/access_denied");
exit() ;
}
}
}
}
?>
I used "echo" at various points in the code. I noticed that: everything works right up to the point where I try to INSERT
those values into the table "login_attempts";
P.S. I do have database-connection parameters set; I simply did not bother to include them here.
P.P.S. The redirect to "access_denied" page is purely for testing purposes. In reality, I plan to activate a CAPTCHA function, if the user has tried to log in 3 times unsuccessfully.
UPDATE ERROR MESSAGE
You have an error in your SQL syntax. Check the manual for the correct syntax to use near : (login, ip, tries, last_login) values ('mjackson', '111.11.11.111','1',NOW' at line 1