|
PHP - Transferring Data Between Pages
Sorry, I initially posted this in the Ajax Help Thread, but thinking about it, I suspect this is a php query.
I am trying to write a basic Private Messaging script.
I have my main page which lists all messages that have been received. I then want to click on an href link to run an ajax query to bring information in from another .php file which shows the content of the selected message.
But I can't fathom out how to do this with an href. First off, is it possible? If so, can anyone tell me what I am doing wrong?
The relevant script is:
privatemessage.php:
<?php
$query2 = DB::getInstance()->query("SELECT
c.id as cid, c.title, c.time,
m.id as membersid, m.username,
m.member_first_name, m.member_last_name
FROM conversation as c, members as m
WHERE ((c.member1='{$memberid}'
and c.read1='Yes' and c.removed1='No'
and m.id=c.member2)
OR (c.member2='{$memberid}' and c.read2='Yes'
and c.removed2='No' and m.id=c.member1))
GROUP BY m.id ORDER BY m.id DESC");
?>
<table>
<tr>
<td align="left">
<?php echo htmlentities($result2->member_first_name); ?>
<?php echo htmlentities($result2->member_last_name); ?>
<?php echo "("; echo htmlentities($result2->username); echo ")"; ?>
</td>
<td align="right">
<?php echo timeAgo(strtotime($result2->time)); ?>
</td>
</tr>
<tr>
<td colspan="2" align="left">
<form action="" method="post">
<?php echo "Subject: "; ?>
<?php echo "<input type='hidden' name='id' id='id' value='{$result2->cid}'>"; ?>
<a href="#$result2->cid" onClick="showMessages(this.value)"><?php echo htmlentities($result2->title); ?>
</form>
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="js/readmessage.js"></script>
</td>
</tr>
</table>
<div id="txtMessage"></div>
My readmessage.js code is:
function showMessages(str)
{
if (str=="")
{
document.getElementById("txtMessage").innerHTML="";
return;
}
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("txtMessage").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","readmessage.php?q="+str,true);
xmlhttp.send();
}
And my readmessage.php code is:
?php
require 'core/memberinit.php';
$member = new Member();
include 'timeago.php';
$memberid = $member->data() ->id;
if(isset($_GET['q'])) {
$q = html_entity_decode($_GET['q']);
$req1 = DB::getInstance()->query("SELECT title, member1, member2 FROM conversation WHERE id='{$q}' AND id2='1'");
foreach ($req1->results() as $dn1)
if($req1->count()==1)
{
if(($dn1->member1=='{$memberid}') or ($dn->member2=='{$memberid}'))
{
if($dn1->member1=='{$memberid}')
{
DB::getInstance()->query("UPDATE conversation SET read1='Yes' where id='{$q}' and id2='1'");
$user_partic = 2;
} else {
DB::getInstance()->query("UPDATE conversation SET read2='Yes' where id='{$q}' and id2='1'");
$user_partic = "1";
}
$req2 = DB::getInstance()->query("SELECT conversation.time, conversation.message,
members.id as userid, members.username, members.member_first_name, members.member_last_name
FROM conversation, members
WHERE conversation.id='{$id}' AND members.id=conversation.member1
ORDER BY conversation.id2");
if(isset($_POST['message']) and $_POST['message']!='')
{
$message = $_POST['message'];
if(get_magic_quotes_gpc())
{
$message = stripslashes($message);
}
$message = $string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
if( DB::getInstance()->query("INSERT into conversation
(id, id2, title, member1, member2, message, time, read1, read2)
VALUES('{$q}', '{(intval($req2->id2)+1)}', '', '{$memberid}', '', '{$message}', '.time().', '', '')")
and
DB::getInstance()->query("UPDATE conversation SET read'{$user_partic}'='Yes' WHERE id='{$q}' AND id2='1'"));
}
echo "<h4>";
echo $dn1->title;
echo "</h4><br><br>";
echo "<table><col width='150px'><col width='50px'><col width='150px'>";
echo "<tr><th>Member</th><th> </th><th>Message</th></tr>";
foreach ($req2->results() as $dn2)
{
echo "<tr><td>";
echo $dn2->members.member_first_name;
echo $dn2->members.member_last_name;
echo " (";
echo $dn2->members.username;
echo ") </td><td></td><td>";
echo timeAgo(strtotime($dn2->time));
echo "<br>";
echo $dn2->message;
echo "</td></tr>";
}
echo "</table>";
}
}
}
?>
However, just to try and find where the error lies, I have tried the following code for my readmessage.php file:
<?php
require 'core/memberinit.php';
$member = new Member();
include 'timeago.php';
$memberid = $member->data() ->id;
if(isset($_GET['q'])) {
$q = intval($_GET['q']);
echo $q;
}
?>
Which always returns a "0" reply - which says to me that my files are talking, but that the id isn't being carried across.
Anybody got any suggestions?
Many thanks for any help offered.
Similar TutorialsHi guys,
I am having a problem transferring data between pages, using PHP sessions. I have a HTML SELECT drop-down to let user set the number of posts per page to display. <form method="POST" style="margin:auto;position:relative;width:35%;padding:17px;top:47px;">
<span>select posts-per-page:</span>
<select name="ppp">
<option selected disabled>--select ppp--</option>
<option value=10>10</option>
<option value=15>15</option>
<option value=20>20</option>
<option value=50>50</option>
<option value=100>100</option>
</select>
<input type="submit" name="submit" value="OK"/>
</form>
I want to transfer the value selected by user to a session so that I can load the value in other pages. The value of posts per page is carried by variable $ppp; so, file1 contains the code $_SESSION['ppp'] = $ppp; That seems to work great; the system updates correctly the session's value as user submits different numbers of posts-per-page.
The problem is in page2.php: it doesn't update to the new user's selection; I already have a session active in that page so I don't need session_start(). To call the session, I use the line $ppp=$_SESSION['ppp']; When user changes the selection from 50 to 100 posts per age, for example, the value of page1.php changes as expected, but the value transferred to page2.php doesn't change, appears to remain with the default value the page loads with. I don't know if the problem is that I already have a session going. Can you have more than one session running simultaneously in a page? Can anybody help? Thanks in advance!
Sept hi, I have a webpage that is driven by a database mostly. it has a catalog of dog treats and most will transfer to the checkout page but 2 two won't. I have checked the database and everything looks fine if it would help, here 's the webpage. http://auntievics.com/treats.php. it's the Cara The Flirt's K9 Canoli Stuffed and the Cara The Flirt's K9 Canoli Unstuffed that won't transfer. Any help would be appreciated. I have the following code Code: [Select] while($player = mysql_fetch_array($players)) { #Lets loop through all the players echo "<BR><input type=submit onclick=this.form.action='points.php?points=".$_GET['points']."&player=".$player['playerID']."&playerName=".$player['name']."' value='".$player['name']."'>"; }but the problem is that $player['name'] is always two words and it doesn't work. So I have removed '&playerName=".$player['name']."' but now don't know how to transfer that info. Is there a way of having the player name in the header or another way of sending this data to the next page? Another way of doing it is to check for the players name via there playerID number but this involves another call to the database which I am trying to avoid. I have a page that reads from a database to list employees from different states. Under each name is a link that pulls up a new window with a contact form. My goal is to get the name from that link to appear on that new window. (Which I will then use to ultimately add the name into the email that was generated so the recipient can know who the email was intended for.) I've tried using the GET and POST methods but nothing seems to work. Any help would be appreciated greatly. I will name my firstborn after anything you desire. I've included my code below. (The last line is what I've been primarily working with) Code: [Select] //Open Database Connection $db = open_db_connection(); $sql = "SELECT DISTINCT 1 from users where active = 'Y' and show_on_contactus = 'Y'"; $results = mysql_query($sql, $db); $emaillink = "<a target='main' onclick=window.open('contactform/contactCentral.php?name=$state_row[state]','popup','width=380,height=400,scrollbars=no,resizable=no,toolbar=yes,directories=no,location=no,menubar=yes,status=no,left=0,top=0'); return false>"; if(!mysql_num_rows($results) == FALSE) while($row = mysql_fetch_array($results, MYSQL_BOTH)) { echo "<ul id=\"directors\">\n"; $state_sql = "SELECT * from users where active = 'Y' and show_on_contactus = 'Y' and state_full = 'indiana' order by last_name"; $state_results = mysql_query($state_sql, $db); if(!mysql_num_rows($results) == FALSE) { while($state_row = mysql_fetch_array($state_results, MYSQL_BOTH)) { echo "<li>\n"; echo " <div class=\"fl dirimg\">\n"; if($state_row[photo] == "") { echo "<img border=\"0\" width=\"61\" height=\"85\" src=\"images/exe_placeholder.jpg\" alt=\"$state_row[first_name] $state_row[last_name]\" />\n"; } else { echo "<img border=\"0\" width=\"61\" height=\"85\" src=\"n2team/pictures/$state_row[photo]\" alt=\"$state_row[firstname] $state_row[last_name]\" />\n"; } echo " </div>\n"; echo " <span class=\"fr\">$state_row[first_name] $state_row[last_name]<br />\n"; echo " $state_row[title]<br />\n"; echo " $state_row[city], $state_row[state]<br />\n"; echo " $emaillink Contact $state_row[first_name] </a></span></li>\n"; } Hey there, I was wondering if this is possible with mysql, my goal is to transfer the users id from the users table to the id field in my status table, thanks in advance. NOTE: Not manually, through a script. Hi, I am a curious fellow just beginning to use PHP. I understand the basics of what the $_GET and $_POST superglobals do, and how we can use them to retrieve data after form submission. I also know that since $_GET and $_POST are just associate arrays, we can create our own values in both $_GET and $_POST by writing statements like $_POST['variable'] = "value". I am wondering if it is at all possible to send data beyond form data by adding new key/value pairs into $_GET and $_POST. So for example, if I had a form that transferred username/password through Post, would it be possible for me to include further data by just saying $_POST['formtype'] = "house_insurance_form"? Basically what I'm getting at is trying to physically add your own data to $_POST or $_GET that you could pull from the next page where the form redirects to. In other words, can I send data beyond form data using these superglobals? I know I can do this with $_SESSION, but could I do it through $_POST or $_GET? I haven't been able to accomplish this, and I was just wondering if someone could give me an in-depth explanation of how this might work or how this is not possible. I would really really really appreciate it. Best Regards, -Sky Transferring data from sub-domain.site.com Reading sub-domain.site.com What is this all about? I'm going to put all .. images into a separate sub-domain eg: images.site.com. This would create a folder inside my public_HTML called "images" Now when sites have that Transferring data, and Reading... is this .. something relating to what I want. Facebook also does it, and they get their images for the site from a sub domain, how is it all done? I'm not sure if its entirely PHP, but I hope someone can help. Thanks hello friends I'm dealing with this problem for two days. I put here the screenshot for easier understanding.Sorry about my bad english. Here is the ss http://i61.tinypic.com/2rz5q55.jpg I don't want to inner join or table join. All image links which same sku should displayed in single row where products.resimler colon I can join the tables but i want to one table.Because i can import single csv file for e-commerce script.How can I use a update query for list multiple images in table products. Edited by nogai, 10 October 2014 - 07:01 AM. Please tell me how can i do it ??
hello, i am transferring the post number from a forum page, to a non-forum page via url variables.. how do i stop someone editing the url variable and viewing the posts concerned? i thought i could possibly use cookies/or a kind of auto-post form.. please help if you can.. just what to google would be appreciated Im trying to create a page that collects personal info from users and registers them. I have a page that contains the registration form which i will call page 1. A second page which I will call page 2, processes the form. A simplified version of page 2 looks like this Code: [Select] <?php if (isset($_POST['submitted'])) { $errors = array(); // Connect to the database. require_once ('config.php'); //Check for errors. //Check to ensure that the password is long enough and is of the right format. if (eregi ("^[[:alnum:]]{8,16}$" , $_POST['password'])) { $b = TRUE; } else { $b = FALSE; $errors[] = 'Please enter a password that consists only of letters and numbers between 8 and 16 characters long.'; } //Check to make sure the password matches the confirmed password. if ($_POST['password'] == $_POST['password2']) { $c = TRUE; $password = $_POST['password']; //Encrypt the password. } else { $c = FALSE; $errors[] = 'The password you entered did not match the confirmed password.'; } //Check to make sure they entered their first name and it's of the right format. if (eregi ("^([[:alpha:]]|-|')+$", $_POST['firstname'])) { $d = TRUE; } else { $d = FALSE; $errors[] = 'Please enter a valid first name.'; } //Check to make sure they entered their last name and it's of the right format. if (eregi ("^([[:alpha:]]|-|')+$", $_POST['lastname'])) { $e = TRUE; } else { $e = FALSE; $errors[] = 'Please enter a valid last name.'; } //Insert data into database. if (empty($errors)) { //query the database. for the sake of simplicity, I wont include the code // Show thank you message echo "<h3>Thank You!</h3> You have been registered"; } else { echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>'; } //Display error messages. } else {// if errors array is not empty header("Location: page1.php?message=$errors");//Trying to pass the errors array into the url for page1 } } ?> So the idea is to create an array that contains all the errors. Upon querying the database, if the user completed the fields as required, a thank you message is printed. If not, he is redirected to the page containing the form (page 1) and the array containing the errors is transferred to page 1. Now I will include the relevant section of page 1 whihc is supposed to print the error messages. Code: [Select] <?php if(isset($_GET['message']) { echo '<h3>Error!</h3> The following error(s) occured:<br />'; foreach ($errors as $msg) { echo "$msg<br/>\n"; } } ?> I get the following error message when I submit the registration forms with deliberate errors: Error! The following error(s) occured: PHP Error Message Warning: Invalid argument supplied for foreach() in /home/a4993450/public_html/register_page_content.php on line 66 Free Web Hosting Can anyone point out why this error occurs? Is it possible to have a link like this, http://www.somesite.com/?id=243 and transfer the "id" (or another query string) into the website from the link but at the same time, not affect the website (since "id" isn't a query string originally used in the website's URL)? I hope that makes sense.. This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=357806.0 Am new here - looks like a great foru! I would sincerely appreciate any help anyone can give me. I have been trying to solve my problem for hours and I am not having any luck, so I thought I would post and see if anyone can help. I am very stuck and am not making much progress on this project, and I am certain the answer is very simple. I am constructing a form to collect data for a specialized purpose. The form and program actually work for its intended function, but I am trying to enhance the user experience by preventing customers from having to reenter all of their data should there be a problem with any of the data submitted. I have been able to do that with the contact form portion, but what I am having trouble with is the portion which has as many as 400 possible entries. So, in a nutshell, if the customers contact data is incomplete or in error, the form will ask them to return to the page and correct things. The previous data entered has been saved in the session and the input value will equal the previous entry. i.e. <tr> <td align="right" class="infoBox"><?php echo ENTRY_EMAIL_ADDRESS; ?></td> <td align=left><?php echo "<input type=text name='cemail' value=\"$cemail\" size=35 maxlength=35>" ?></td> </tr> Works perfectly, all well and good there. On the other 400 more or less entries, I am having a difficult time tweaking the string concatenation to work to achieve similar results. There are 4 columns each with $points entries asking for a dimension in either feet or inches. The <input name=> is one of ptaf,ptai,ptbf,ptbi, appended programatically with the corresponding row number or data point. i.e. "ptaf1", "ptai1", etc... This is produced by the example below and works perfectly also. <?php { $points=100; $i=1; while ($i <= $points) {echo ' <tr><td align="center" width="6"><b> ' .$i . '</b></td> <td align="right" NOWRAP>A' .$i . ' (ft) <input type="text" name="ptaf'.$i.'" size=4 maxlength=3> </td> <td align="right" NOWRAP>A' .$i . ' (in) <input type="text" name="ptai'.$i.'" size=4 maxlength=4> </td> <td align="right" NOWRAP>B' .$i . ' (ft) <input type="text" name="ptbf'.$i.'" size=4 maxlength=3> </td> <td align="right" NOWRAP>B' .$i . ' (in) <input type="text" name="ptbi'.$i.'" size=4 maxlength=4> </td> '; $i++; } } ?> I am trying to add <input value=$ptai.$i> for each field but as I mentioned I am not having any luck. It seems as if I have tried every combination imagineable, but still no luck. My head is spinning! The closest I seem to have gotten was with this: <td align="right" NOWRAP>A' .$i . ' (ft) <input type="text" size=6 maxlength=3 name="ptaf'.$i.'" value="' . "$ptaf" . $i . '" ></td> But line 17 for example returns this: <input type="text" value="17" name="ptaf17" maxlength="3" size="6"> To recap, I am trying to have the value set to whatever the customer may have entered previously. Again, I would most appreciate any help anyone can give me. If you need clarification on anything please let me know. Thanks AJ Hello to all, I have problem figuring out how to properly display data fetched from MySQL database in a HTML table. In the below example I am using two while loops, where the second one is nested inside first one, that check two different expressions fetching data from tables found in a MySQL database. The second expression compares the two tables IDs and after their match it displays the email of the account holder in each column in the HTML table. The main problem is that the 'email' row is displayed properly while its while expression is not nested and alone(meaning the other data is omitted or commented out), but either nested or neighbored to the first while loop, it is displayed horizontally and the other data ('validity', 'valid_from', 'valid_to') is not displayed.'
Can someone help me on this, I guess the problem lies in the while loop? <thead> <tr> <th data-column-id="id" data-type="numeric">ID</th> <th data-column-id="email">Subscriber's Email</th> <th data-column-id="validity">Validity</th> <th data-column-id="valid_from">Valid From</th> <th data-column-id="valid_to">Valid To</th> </tr> </thead> Here is part of the PHP code:
<?php
while($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
echo '
<tr>
<td>'.$row["id"].'</td>
';
while ($row1 = $stmt1->fetch(PDO::FETCH_ASSOC)) {
echo '
<td>'.$row1["email"].'</td>
';
}
if($row["validity"] == 1) {
echo '<td>'.$row["validity"].' month</td>';
}else{
echo '<td>'.$row["validity"].' months</td>';
}
echo ' <td>'.$row["valid_from"].'</td>
<td>'.$row["valid_to"].'</td>
</tr>';
}
?>
Thank you. Here's the code that deals with the client side:
<?php
session_start();
if(!isset($_SESSION['Logged_in'])){
header("Location: /page.php?page=login");
}
?>
<!DOCTYPE Html>
<html>
<head>
<!--Connections made and head included-->
<?php require_once("../INC/head.php"); ?>
<?php require_once("../Scripts/DB/connect.php"); ?>
<!--Asynchronously Return User Names-->
<script>
$(document).ready(function(){
function search(){
var textboxvalue = $('input[name=search]').val();
$.ajax(
{
type: "GET",
url: 'search.php',
data: {Search: textboxvalue},
success: function(result)
{
$("#results").html(result);
}
});
};
</script>
</head>
<body>
<div id="header-wrapper">
<?php include_once("../INC/nav2.php"); ?>
</div>
<div id="content">
<h1 style="color: red; text-align: center;">Member Directory</h1>
<form onsubmit="search()">
<label for="search">Search for User:</label>
<input type="text" size="70px" id="search" name="search">
</form>
<a href="index.php?do=">Show All Users</a>|<a href="index.php?do=ONLINE">Show All Online Users</a>
<div id="results">
<!--Results will be returned HERE!-->
</div>
search.php
<?php //testing if data is sent ok echo "<h1>Hello</h1><br>" . $_GET['search']; ?>This is the link I get after sending foo. http://www.family-li...php?&search=foo Is that mean it was sent, but I'm not processing it correctly? I'm new to the whole AJAX thing. This could be PHP or MySql so putting it in PHP forum for now... I have code below (last code listed) which processes a dynamically created Form which could have anywhere from 0 to 6 fields. So I clean all fields whether they were posted or not and then I update the mySQL table. The problem with this code below is that if, say, $cextra was not posted (i.e. it wasnt on the dynamically created form), then this code would enter a blank into the table for $cextra (i.e. if there was already a value in the table for $cextra, it gets overwritten, which is bad). What is the best way to handle this? I'm thinking i have to break my SQL query into a bunch of if/else statements like this... Code: [Select] $sql = "UPDATE cluesanswers SET "; if (isset($_POST['ctext'])){ echo "ctext='$ctext',"; } else { //do nothing } and so on 5 more times.... That seems horribly hackish/inefficient. Is there a better way? Code: [Select] if (isset($_POST['hidden']) && $_POST['hidden'] == "edit") { $cimage=trim(mysql_prep($_POST['cimage'])); $ctext=trim(mysql_prep($_POST['ctext'])); $cextra=trim(mysql_prep($_POST['cextra'])); $atext=trim(mysql_prep($_POST['atext'])); $aextra=trim(mysql_prep($_POST['aextra'])); $aimage=trim(mysql_prep($_POST['aimage'])); //update the answer edits $sql = "UPDATE cluesanswers SET ctext='$ctext', cextra='$cextra', cimage='$cimage', atext='$atext', aextra='$aextra', aimage='$aimage'"; $result = mysql_query($sql, $connection); if (!$result) { die("Database query failed: " . mysql_error()); } else { } Say there is a complex opt in process where people start to enter their data but certain questions stop them where they close out of the page. They already entered their data and I feel there is a way to grab it and post it to mysql even though they do not click submit.
How would this be done?
A super simple example (proof of concept) or a link to a tutorial would be very useful.
Edited by brentman, 23 September 2014 - 10:42 AM. Hi, after banging my head against the wall for a while thinking this would be a simple task, I'm discovering that this is more complicated than I thought. Basically what I have is a link table linking together source_id and subject_id. For each subject there are multiple sources associated with each. I had created a basic listing of sources by subject... no problem. I now need a way of having a form to create an ordered list in a user-specified way. In other words, I can currently order by id or alphabetically (subject name lives on a different table), but I need the option of choosing the order in which they display. I added another row to this table called order_by. No problem again, and I can manage all of this in the database, however I want to create a basic form where I can view sources by subject and then enter a number that I can use for sorting. I started off looping through each of the entries and the database (with a where), and creating a foreach like so (with the subject_id being grabbed via GET from the URL on a previous script) Code: [Select] while($row = mysqli_fetch_array($rs)) { //update row order if (isset($_POST['submit'])) { //get variables, and assign order $subject_id = $_GET['subject_id']; $order_by = $_POST['order_by']; $source_id = $row['source_id']; //echo 'Order by entered as ' . $order_by . '<br />'; foreach ($_POST['order_by'] as $order_by) { $qorder = "UPDATE source_subject set order_by = '$order_by' WHERE source_id = '$source_id' AND subject_id = '$subject_id'"; mysqli_query($dbc, $qorder) or die ('could not insert order'); // echo $subject_id . ', ' . $order_by . ', ' . $source_id; // echo '<br />'; } } else { $subject_id = $_GET['subject_id']; $order_by = $row['order_by']; $source_id = $row['source_id']; } And have the line in the form like so: Code: [Select] echo '<input type="text" id="order_by" name="order_by[]" size="1" value="'. $order_by .'"/> (yes I know I didn't escape the input field... it's all stored in an htaccess protected directory; I will clean it up later once I get it to work) This, of course, results in every source_id getting the same "order_by" no matter what I put into each field. I'm thinking that I need to do some sort of foreach where I go through foreach source_id and have it update the "order_by" field for each one, but I must admit I'm not sure how to go about this (the flaws of being self-taught I suppose; I don't have anyone to go to on this). I'm hoping someone here can help? Thanks a ton in advance I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. <?php session_start(); if (!$_SESSION["user_name"]) { // User not logged in, redirect to login page Header("Location: login.php"); } $con = mysql_connect('localhost','root',''); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("login", $con); $user_name = $_POST['user_name']; $refid = $_POST['refid']; $query = "SELECT * from reference,users WHERE reference.username=users.user_name AND reference.refid='$refid' AND "; $result = mysql_query($query) or trigger_error('MySQL encountered a problem<br />Error: ' . mysql_error() . '<br />Query: ' . $query); while($row = mysql_fetch_array($result)) { echo $row['refid']; echo $row['origin']; echo $row['dest']; echo $row['date']; echo $row['exdate']; echo $row['username']; } echo "<p><a href=\"logout.php\">Click here to logout!</a></p>"; ?> <html> <form method="post" action="final.php"> Ref Id:<input type="text" name="refid"> <input type="submit" value="submit" name="submit"> </html> |
|||||||