Re: can a session be used in a query?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Terion Miller wrote:
> I am still struggling with getting my sessions and logins to pull just the
> allotted data that each user is allowed...
> I have the session working, and can echo it to see that .. what I'm having
> problems with is this : I want to pull the data specific to each user
> ..right... so far I either get all data regardless of user privileges or I
> get nothing.. a blank page, I have tried so many ways but never one that
> works: here are a few I have worked with----
> 
> This one pulls all data regardless of user level:
> <?php
> error_reporting(E_ALL);
> ini_set('display_errors', '1');
> session_start();
> include("inc/dbconn_open.php");
> 
> 
> if (empty($_SESSION['AdminLogin']) OR $_SESSION['AdminLogin'] <> 'True' ){
>     header ("Location: LogOut.php");
> }
> 
> 
>     $query =  "SELECT * FROM admin WHERE AdminID = AdminID";

Translated, the above line means the following:

$query =  "SELECT * FROM admin WHERE TRUE";

Which would return all rows from the table

>     $result = mysql_query ($query);
>     $row = mysql_fetch_object ($result);
> ?>
> 
> From there I tried:
> 
> <?php
> error_reporting(E_ALL);
> ini_set('display_errors', '1');
> session_start();
> include("inc/dbconn_open.php");
> 
> 
> if (empty($_SESSION['AdminLogin']) || $_SESSION['AdminLogin'] !=  true){
>     header ("Location: LogOut.php");
> }
> 
> 
>     $query =
> "SELECT * FROM `admin` WHERE `UserName` = `{$_SESSION['user']}";

Looks like you have a typo or something...  you have a backtick where you need to have single quotes.

Make sure you close the single quotes too...

$query = "SELECT * FROM `admin` WHERE `UserName` = '{$_SESSION['user']}'";

as long as when you echo $_SESSION['user'] it gives you what you expect, it should now work.

>     $result = mysql_query ($query);
>     $row = mysql_fetch_assoc($result);
> ?>
> 
> this one didn't work with the if $row -> statements that are used to select
> what menu items to load.
> 
> Now I have this one which loads nothing, nil a blank page:
> 
>  $query =  "SELECT * FROM  admin  WHERE  UserName  = "$_SESSION['user']" ";

The double quotes inside the double quotes will not work.  exchange the double quotes around your $_SESSION variable with single quotes and it will
work better.

>     $result=mysql_query($query) or die('Queryproblem: ' . mysql_error() .
> '<br />Executed            query: ' . $query);
>              if (mysql_num_rows($result) >= '1'){
>             while ($row = mysql_fetch_assoc($result)){
>             echo $row['AddEditAdmin']; //to print out the value of column
> 'var1' for each record
>       }
>   }else{
>                  echo 'No records found.';
>    }
> ?>
> 
> anyone have ideas for me, the session user is working, and I need to use it
> in the query to pull only that users data I also on the login page where I
> set that session all set it to = $UserName but when I try and use that in
> the query UserName = $UserName I get an undefined variable error...
> 

You didn't or mention a variable called $UserName in any of the examples above.  Not sure where this comes into the picture.

> Really trying but not quite getting it...
> 


-- 
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
       and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
    by William Shakespeare

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux