Estoy tratando de que los usuarios tengan que meter su correo electrónico para iniciar sesión, pero al guardarlo me da el error,
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '@a.a, visita = CURDATE(), ip = 'xx.xx.xxx.xx', contador = conta,
¿me podéis echar una mano?
gracias
Código PHP:
<?php
if (isset($checkbox)) {
setcookie("usu", $username, time()+86400*30);
setcookie("pas", $password, time()+86400*30);
setcookie("correo", $correo, time()+86400*30);
}
?>
<?php
session_start();
?>
<?php require_once('../Connections/zona.php'); ?>
<?php
$IP = $REMOTE_ADDR;
$myUsername_rsLogin = "0";
if (isset($HTTP_POST_VARS['username'])) {
$myUsername_rsLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['username'] : addslashes($HTTP_POST_VARS['username']);
}
$myPassword_rsLogin = "0";
if (isset($HTTP_POST_VARS['password'])) {
$myPassword_rsLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['password'] : addslashes($HTTP_POST_VARS['password']);
}
$myCorreo_rsLogin = "0";
if (isset($HTTP_POST_VARS['correo'])) {
$myCorreo_rsLogin = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['correo'] : addslashes($HTTP_POST_VARS['correo']);
}
mysql_select_db($database_zona, $zona);
$query_rsLogin = sprintf("SELECT Socio, Contraseña FROM socios WHERE Socio = '%s' AND Contraseña = PASSWORD('%s')", $myUsername_rsLogin,$myPassword_rsLogin);
$rsLogin = mysql_query($query_rsLogin, $zona) or die(mysql_error());
$row_rsLogin = mysql_fetch_assoc($rsLogin);
$totalRows_rsLogin = mysql_num_rows($rsLogin);
if($HTTP_POST_VARS['action']=="login"){
if($totalRows_rsLogin==0){
$errorMessage = "error de conexión";
} else {
$query_rsMas = sprintf("UPDATE socios SET email = '%s', $myCorreo_rsLogin, visita = CURDATE(), ip = '$IP', contador = contador+1 WHERE Socio = '%s' AND Contraseña = PASSWORD('%s')", $myUsername_rsLogin,$myPassword_rsLogin);
mysql_query($query_rsMas, $zona) or die(mysql_error());
mysql_free_result($rsLogin);
session_register("usu");
$HTTP_SESSION_VARS['usu'] = $HTTP_POST_VARS['username'];
header("Location: ../socios/soclis.php");
}
}
?>