Terion Miller wrote: > I am still struggling with getting my sessions and logins to pull just the > allotted data that each user is allowed... > I have the session working, and can echo it to see that .. what I'm having > problems with is this : I want to pull the data specific to each user > ..right... so far I either get all data regardless of user privileges or I > get nothing.. a blank page, I have tried so many ways but never one that > works: here are a few I have worked with---- > > This one pulls all data regardless of user level: > <?php > error_reporting(E_ALL); > ini_set('display_errors', '1'); > session_start(); > include("inc/dbconn_open.php"); > > > if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] <> 'True' ){ > header ("Location: LogOut.php"); > } > > > $query = "SELECT * FROM admin WHERE AdminID = AdminID"; Translated, the above line means the following: $query = "SELECT * FROM admin WHERE TRUE"; Which would return all rows from the table > $result = mysql_query ($query); > $row = mysql_fetch_object ($result); > ?> > > From there I tried: > > <?php > error_reporting(E_ALL); > ini_set('display_errors', '1'); > session_start(); > include("inc/dbconn_open.php"); > > > if (empty($_SESSION['AdminLogin']) || $_SESSION['AdminLogin'] != true){ > header ("Location: LogOut.php"); > } > > > $query = > "SELECT * FROM `admin` WHERE `UserName` = `{$_SESSION['user']}"; Looks like you have a typo or something... you have a backtick where you need to have single quotes. Make sure you close the single quotes too... $query = "SELECT * FROM `admin` WHERE `UserName` = '{$_SESSION['user']}'"; as long as when you echo $_SESSION['user'] it gives you what you expect, it should now work. > $result = mysql_query ($query); > $row = mysql_fetch_assoc($result); > ?> > > this one didn't work with the if $row -> statements that are used to select > what menu items to load. > > Now I have this one which loads nothing, nil a blank page: > > $query = "SELECT * FROM admin WHERE UserName = "$_SESSION['user']" "; The double quotes inside the double quotes will not work. exchange the double quotes around your $_SESSION variable with single quotes and it will work better. > $result=mysql_query($query) or die('Queryproblem: ' . mysql_error() . > '<br />Executed query: ' . $query); > if (mysql_num_rows($result) >= '1'){ > while ($row = mysql_fetch_assoc($result)){ > echo $row['AddEditAdmin']; //to print out the value of column > 'var1' for each record > } > }else{ > echo 'No records found.'; > } > ?> > > anyone have ideas for me, the session user is working, and I need to use it > in the query to pull only that users data I also on the login page where I > set that session all set it to = $UserName but when I try and use that in > the query UserName = $UserName I get an undefined variable error... > You didn't or mention a variable called $UserName in any of the examples above. Not sure where this comes into the picture. > Really trying but not quite getting it... > -- Jim Lucas "Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them." Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php