--- John Holmes <holmes072000@xxxxxxxxxxx> wrote: > From: "Stuart Felenstein" <stuart4m@xxxxxxxxx> > > For whatever reason I can not use session only > here. > > It does not return the correct record from the > table. > > Don't say that you cannot use sessions, just say > that you haven't figured > out how to correctly use them, yet. Okay, I can admit that much ;) > > Maybe that doesn't make anysense. In the listing > of > > recods where the user would click to go update, > there > > is a repeat region SQL statement that shows all > > records from table under session ID. > > What do you mean by "session ID" here? What is that? I *think* what would be commonly referred to as session variables. Consisting of Username, UserID (the original id assigned to user with registration, and access level. > > > e.g. > > Record_Table > > > > recordID userID info1name info1details > > 1 3 somename sos > > 2 4 somename sos > > 3 3 somename sos > > 4 4 somename sos > > 5 3 somename sos > > 6 5 somename sos > > Okay, so explain this table structure to us. If I > log in as UserID #3, does > that mean I have access to records 1, 3 and 5? Correct > How do you remember that I'm UserID #3 as I go > throughout the site? By using both the UserID and AccessLevel. Pages are marked with a "restrict access" to a certain level or type. Generally the pages that are restricted now are form pages. So there is also a grabbing of the session varaible , in this case the userid. When I > request "update.php?recordID=2", you should be doing > something like "SELECT > * FROM Record_Table WHERE recordID = 2 AND userID = > 3", which will not > return any rows. Okay that makes sense I will try that. Though I'd imagine the SQL will need to be different since I could be dealing with hundreds, thousanda etc of records. Stuart -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php