Re: can a session be used in a query?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm working in the same kind of environment.

Make sure you are single quoting string data in MySQL

as in

$query = "SELECT * FROM admin WHERE UserName = '" . $_SESSION['user'] . "' 
";

Thats a single quote, double quote, dot, session var, dot, double quote, 
single quote

I wrote that out because I always have a hard time seeing the two types of 
quotes so close together in code.

Frank...let us know if it works!

""Terion Miller"" <webdev.terion@xxxxxxxxx> wrote in message 
news:37405f850901071146i11d33987ga747ef2e4932fb7d@xxxxxxxxxxxxxxxxx
>I am still struggling with getting my sessions and logins to pull just the
> allotted data that each user is allowed...
> I have the session working, and can echo it to see that .. what I'm having
> problems with is this : I want to pull the data specific to each user
> ..right... so far I either get all data regardless of user privileges or I
> get nothing.. a blank page, I have tried so many ways but never one that
> works: here are a few I have worked with----
>
> This one pulls all data regardless of user level:
> <?php
> error_reporting(E_ALL);
> ini_set('display_errors', '1');
> session_start();
> include("inc/dbconn_open.php");
>
>
> if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] <> 'True' ){
>    header ("Location: LogOut.php");
> }
>
>
>    $query =  "SELECT * FROM admin WHERE AdminID = AdminID";
>    $result = mysql_query ($query);
>    $row = mysql_fetch_object ($result);
> ?>
>
> From there I tried:
>
> <?php
> error_reporting(E_ALL);
> ini_set('display_errors', '1');
> session_start();
> include("inc/dbconn_open.php");
>
>
> if (empty($_SESSION['AdminLogin']) || $_SESSION['AdminLogin'] !=  true){
>    header ("Location: LogOut.php");
> }
>
>
>    $query =
> "SELECT * FROM `admin` WHERE `UserName` = `{$_SESSION['user']}";
>    $result = mysql_query ($query);
>    $row = mysql_fetch_assoc($result);
> ?>
>
> this one didn't work with the if $row -> statements that are used to 
> select
> what menu items to load.
>
> Now I have this one which loads nothing, nil a blank page:
>
> $query =  "SELECT * FROM  admin  WHERE  UserName  = "$_SESSION['user']" ";
>    $result=mysql_query($query) or die('Queryproblem: ' . mysql_error() .
> '<br />Executed            query: ' . $query);
>             if (mysql_num_rows($result) >= '1'){
>            while ($row = mysql_fetch_assoc($result)){
>            echo $row['AddEditAdmin']; //to print out the value of column
> 'var1' for each record
>      }
>  }else{
>                 echo 'No records found.';
>   }
> ?>
>
> anyone have ideas for me, the session user is working, and I need to use 
> it
> in the query to pull only that users data I also on the login page where I
> set that session all set it to = $UserName but when I try and use that in
> the query UserName = $UserName I get an undefined variable error...
>
> Really trying but not quite getting it...
> 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux