Returning Values for a set user

7724

Hi All,

Thought i'd put this on a seperate thread

Working on a system that allows multiple users to log in and add details online with the results saved to a mysql database:

Here’s what I have done so far:

I have created a page that lets users sign-up to create a password that lets them log into the website:

The user is then emailed a password and this password and his details are saved in a Mysql database table called ‘user’:

The individual users then log into the website and are taken to a main menu (as shown below)

Now when the user logs in if they want to (1) Add a deal to the RPC website (see above) they are taken to the following page I created:

<?php

// login stuff

include("accesscontrol.php");
include("check.php");

$msg = "";
$name = "";
$title = "";
$full_details = "";
$redemption = "";
$restrictions = "";

if(isset($_POST['Submit']))
{

$name = $_POST['name'];
$title = $_POST['title'];
$full_details = $_POST['full_details'];
$redemption = $_POST['redemption'];
$restrictions = $_POST['restrictions'];

if(!isset($_GET['offer_id']))
{
	$result = mysql_query("Insert into offers(name,title,full_details,redemption,restrictions) values('$name','$title','$full_details','$redemption','$restrictions')");
	$msg = "New record is saved";
}
else
{
	$result = mysql_query("Update offers set name='$name', title='$title', full_details='$full_details', redemption='$redemption', restrictions='$restrictions' where offer_id=".$_GET['offer_id']);
	$msg = "Record is updated";
}
}
if(isset($_GET['offer_id']))
{
	$result = mysql_query("Select * From offers where offer_id=".$_GET['offer_id'],$link);
	$row = mysql_fetch_array($result, MYSQL_BOTH);
	$name = $row['name'];
	$title = $row['title'];
	$full_details = $row['full_details'];
    $redemption = $row['redemption'];
    $restrictions = $row['restrictions'];
}

if(mysql_error())
{
echo mysql_error() ."<br>\n";
}


?>


<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title> Members-Only Page </title>
  <meta http-equiv="Content-Type"
    content="text/html; charset=iso-8859-1
</head>
<link rel="stylesheet" href="layout.css">
<link rel="stylesheet" href="layout.css">
<body>
<p><img src="../images/logo.gif" width="150" height="110"></p>
<p> <?=$username?> please enter a deal for the RPC website below.</p>
<h1 id="mainhead" class="text"> MVP - Partner Companies</h1>
<p class="text">Please create use the links below to add, update or delete a deal 
  that you wish to offer the RPC</p>
<table width="95%" border="0">
  <tr bgcolor="#FFFF00"> 
    <td><?php echo $msg?></td>
  </tr>
</table>
<form name="form1" method="post" action="">
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"> <img src="../images/1.jpg" width="20" height="20"> 
      Please Enter Your Name:</td>
  </tr>
  <tr> 
    <td colspan="2"> 
        <p> 
          <input name="name" type="text" id="name" value="<?php echo $name?>" size="40">
        </p>
        </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/2.jpg" width="20" height="20"> 
      Please give a title for the offer:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <input name="title" type="text" id="title" value="<?php echo $title?>" size="40">
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/3.jpg" width="20" height="20"> 
      Please give full details of the offer:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="full_details" id="full_details" cols="60" rows="3"><?php echo $full_details?></textarea>
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/4.jpg" width="20" height="20"> 
      Method of Redemption:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="redemption" id="redemption" cols="60" rows="3"><?php echo $redemption?></textarea>
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/5.jpg" width="20" height="20"> 
      Details of Restrictions:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="restrictions" id="restrictions" cols="60" rows="3"><?php echo $restrictions?></textarea>
      </td>
  </tr>
</table>
  <p> 
    <input type="submit" name="Submit" value="Submit" class="buttons">
    <input type="reset" name="Submit2" value="Reset" class="buttons">
  </p>
  <p><a href="listing.php">Back to Listings</a> | <a href="protectedpage.php">Back 
    to Index</a> | <a href="logout.php">Logout</a></p>
</form>
<?php
include ('./includes/footer.html');
?>

Now when the fields are filled in the data is saved in another MySQL table called ‘offers’

Now I have it working-up till here.

So now if I want to go back to this main menu (below) and click (2) Modify/Delete an Offer:

I want the mysql database to say I will RETURN ONLY the offers added to the database by the agent currently logged in, and filter the All offers in the database out. Any other offers added by another agent CAN’T be touched by this logged in agent.

But the page I have created just lists all the data in the ‘offers’ table. How can I get it to say ONLY RETURN offers to modify and delete that have been added by the agent currently logged in?

<?php

// login stuff

include("accesscontrol.php");
include("check.php");
$msg = "";

if(isset($_POST['Submit']))
{
	$total = $_POST['total'];
	$td = 0;
	$i = 0;

for($i = 1; $i <= $total; $i++)
{
	if(isset($_POST["d$i"]))
	{
		mysql_query("DELETE FROM offers WHERE offer_id=".$_POST["d$i"],$link);
		$td++;
	}
}

$msg = "$td record(s) deleted!";
}



$result = mysql_query("Select * from offers",$link);
$num = mysql_num_rows($result);
$n = 0;

?>


<html>
<head>
<title>Admin</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="layout.css">
</head>

<body>
<div align="left"><img src="../images/logo.gif" width="150" height="110"> </div>
<p align="left"></p>
<p align="left"> <?=$username?> please edit or delete from the listing below. 
  To Edit a offer simply click on the tile of the offer below.
<div align="left"></div>
<p><br>
</p>
<table width="100%" cellpadding="0" cellspacing="0">
  <tr bgcolor="#FFFF00"> 
    <td><?php echo $msg?></td>
  </tr>
</table>
<form name="form1" method="post" action="">
  <table width="100%" cellpadding="1" cellspacing="1" bgcolor="#999999">
    <tr bgcolor="#CCCCCC"> 
      <td width="6%" valign="middle"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> </font><span class="brown_bold">No:</span></td>
      <td width="94%" valign="middle" class="light_blue"><b>Offer Details: </b></td>
    </tr>
    <?php while($row = mysql_fetch_array($result, MYSQL_BOTH)){
$n++;
?> 
    <tr bgcolor="#FFFFFF"> 
      <td width="6%"> 
        <input type="checkbox" name="d<?php echo $n;?>" value="<?php echo $row['offer_id'];?>">
      </td>
      <td width="94%"><a href="add.php?offer_id=<?php echo $row['offer_id']?>"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><?php echo $row['title'];?></font></a></td>
    </tr>
    <?php

 }?> 
    <tr bgcolor="#FFFFFF"> 
      <td width="6%"> </td>
      <td width="94%"> 
        <input type="submit" name="Submit" value="Delete" class="button">
        <input name="total" type="hidden" id="total" value="<?php echo $n?>">
      </td>
    </tr>
  </table>
  <p><a href="add.php">Add a Listing</a> | <a href="protectedpage.php">Back to 
    Index</a> | <a href="logout.php">Logout</a>
</form>
</body>
</html>

Can anyone please, please help! I’m nearly there!

Thanks

Chris

bpat1434

So, how are you storing their logged in status? Sessions? If so, store the value of the column that you need in it (i.e. Fred or "Your Name").

Then just add a simple WHERE name='$_SESSION['name']'

~Brett

thorpe

As a side note. Use [ php ][/ php ] tags when posting, instead of [ code ], makes it easier to read.

7724

Hi Brett,

Thanks for the kind response. I kinda get where you are coming from and I am using sessions, but what I don't get is how I kind of link the two tables:

http://www.regionalpressclub.co.uk/user/one.jpg

http://www.regionalpressclub.co.uk/user/three.jpg

If a user is logged in under ID 1 in the 'user' table and adds a listing how does my 'offer' table know that ID 1 has added that particular listing to the 'offer' table?

...and what if a user logs out and then logs in again - surely the session is destroyed?

Thanks

7724

Wonder if anyone could advise if this could be done:

Just also thinking about it when I save my data to the 'offer' table is there any way I could maybe create a new field in the 'offer' table called 'user_id' and when I hit submit on my page:

<?php

// login stuff

include("accesscontrol.php");
include("check.php");

$msg = "";
$name = "";
$title = "";
$full_details = "";
$redemption = "";
$restrictions = "";

if(isset($_POST['Submit']))
{

$name = $_POST['name'];
$title = $_POST['title'];
$full_details = $_POST['full_details'];
$redemption = $_POST['redemption'];
$restrictions = $_POST['restrictions'];

if(!isset($_GET['offer_id']))
{
	$result = mysql_query("Insert into offers(name,title,full_details,redemption,restrictions) values('$name','$title','$full_details','$redemption','$restrictions')");
	$msg = "New record is saved";
}
else
{
	$result = mysql_query("Update offers set name='$name', title='$title', full_details='$full_details', redemption='$redemption', restrictions='$restrictions' where offer_id=".$_GET['offer_id']);
	$msg = "Record is updated";
}
}
if(isset($_GET['offer_id']))
{
	$result = mysql_query("Select * From offers where offer_id=".$_GET['offer_id'],$link);
	$row = mysql_fetch_array($result, MYSQL_BOTH);
	$name = $row['name'];
	$title = $row['title'];
	$full_details = $row['full_details'];
    $redemption = $row['redemption'];
    $restrictions = $row['restrictions'];
}

if(mysql_error())
{
echo mysql_error() ."<br>\n";
}


?>


<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <title> Members-Only Page </title>
  <meta http-equiv="Content-Type"
    content="text/html; charset=iso-8859-1
</head>
<link rel="stylesheet" href="layout.css">
<link rel="stylesheet" href="layout.css">
<body>
<p><img src="../images/logo.gif" width="150" height="110"></p>
<p> <?=$username?> please enter a deal for the RPC website below.</p>
<h1 id="mainhead" class="text"> MVP - Partner Companies</h1>
<p class="text">Please create use the links below to add, update or delete a deal 
  that you wish to offer the RPC</p>
<table width="95%" border="0">
  <tr bgcolor="#FFFF00"> 
    <td><?php echo $msg?></td>
  </tr>
</table>
<form name="form1" method="post" action="">
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"> <img src="../images/1.jpg" width="20" height="20"> 
      Please Enter Your Name:</td>
  </tr>
  <tr> 
    <td colspan="2"> 
        <p> 
          <input name="name" type="text" id="name" value="<?php echo $name?>" size="40">
        </p>
        </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/2.jpg" width="20" height="20"> 
      Please give a title for the offer:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <input name="title" type="text" id="title" value="<?php echo $title?>" size="40">
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/3.jpg" width="20" height="20"> 
      Please give full details of the offer:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="full_details" id="full_details" cols="60" rows="3"><?php echo $full_details?></textarea>
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/4.jpg" width="20" height="20"> 
      Method of Redemption:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="redemption" id="redemption" cols="60" rows="3"><?php echo $redemption?></textarea>
      </td>
  </tr>
</table>
<br>
<table width="22%" border="0">
  <tr valign="middle"> 
    <td height="20" colspan="2"><img src="../images/5.jpg" width="20" height="20"> 
      Details of Restrictions:</td>
  </tr>
  <tr> 
      <td colspan="2"> 
        <textarea name="restrictions" id="restrictions" cols="60" rows="3"><?php echo $restrictions?></textarea>
      </td>
  </tr>
</table>
  <p> 
    <input type="submit" name="Submit" value="Submit" class="buttons">
    <input type="reset" name="Submit2" value="Reset" class="buttons">
  </p>
  <p><a href="listing.php">Back to Listings</a> | <a href="protectedpage.php">Back 
    to Index</a> | <a href="logout.php">Logout</a></p>
</form>
<?php
include ('./includes/footer.html');
?>

It could take the ID currently for the session and somehow automatically then place that ID value in the 'user_id' field I have created in the 'offers' table?

Then I could simply just echo out all records for each user_id in the 'offers' table?

Can this be done?

Thanks

Chris

imi_99

hi, as i understand. if you want to link two tables , you need to create an user_offerid. when u create a new user automticaly create a user_offerid(suppose 32122).
when a person login you can store this user_offerid in session to get on everypage. so if a person login and add any offer then in second table u add that offer with that (32122) user_offerid.
you can select, edit, delete offers using that user_offerid number.

I think u got it.

7724

Hi Guys,

Thanks for your help, but a bit confused. Let me just go through this step-by-step if I may to see if this can be done:

1) User Logs in and Session Remembers the ID of the logged in User taken from the 'login' table

2) I Go to my add.php page and when I go to hit 'submit' all the data is added to the 'offers' table - INCLUDING the session ID into a new field I have created called 'ID' in the offers table?

Thanks

Chris