I am fairly new to PHP and am not sure how to do this.
I have two tables:
owner (ownerid(PK), username, password)
venue (venueid(PK), owenerid(FK), venuename, location, number)
owner stores the details of the current logged in user. Once the user is logged in they enter details into a form that gets inserted into venue table.
How do I take the ownerid of the current logged in user and insert it into ownerid (in venue table) so that at a later stage I can select all venues that a particular user has added, and only that logged in user can view them.
I am pretty new to PHP so would appreciate as much explanation / code as possible :)
Thanks!
If you have a logged in user you will be able to identify them either through a cookie or a session. If you store their ownerid in the session variable, then you will be able to access it whenever you require
$ownerid = $_SESSION['user']
You can then use that variable in association with the selected venues, and relate them together so only this user can view them when logged in, matching their ownerid
Related
I'm trying to make an Address book with different users in which they can log in with their username and password. And they can store the information like contact id, first name, last name, phone etc. I want each user to have his own address book.
Can someone please explain how I create different address book for different users.
Thanks a lot.
Create a database. take a primary id to each user or provide unique id.Then create another table fill the fields that you want(address book).Match the user who logged in and and with that another table(foreign key relationship).
When you login ..it checks with db then allows.After that you have to use insert ,update keywords for further process to put data in db.That particular unique id/primary key is used to fetch the related data(address book fields) of that user.
It is actually not a good question for StackOverflow but I will still roughly explain it to you.
You will need two different tables for this. The first one will be used for login details and the second one will record user's address book.
For example:
Table auth will have 3 columns id, username, password
Table addressBook will have contact id, first name, last name, phone etc and also have one more which will be called userID
Whenever any user eneter the data in addressBook their userID from auth table coloum id will be stored along with it. Now you can display their own data to the users.
If you have anymore question ask in comment here.
I'm creating a token based rest api in php for e-commerce application.
Scenario :
Any visitor can add items to cart without logging in. These items are stored in the mysql database, cart table, with user_id value which defaults to 1. // As user is not logged in.
Problem :
After the user logs in, i am able to fetch the userid after decoding the token generated for the user, but want to know, how can i identify which items in cart table belongs to which user so as to update the actual userid against those products ?
Table :
customer_id int(11),
item_id int(11),
quantity int(11),
date_added datetime
Thanks in advance for any help!
You simply can't do it this way. You obviously a field in database which will be the same before, and after the user logs in. For exemple you could try to store an IP address or MAC address when user is not logged in. Then when user is logged in, you search for same values (on IP or Mac address) on the cart table, and set all the matching elements to the user ID.
In anycase, you'll obviously need to store something unique that will make a relation between then cart and the user.
Another solution, maybe the best corresponding to your needs, is to store the cart of unidentified users in cookies. Then, when users logs in, you'll have to browse all items stored in cookies to add them in your database with a correct user ID.
You should generate a (temporary) identification. I'd add an auto incremented column to your database id. After you have created the database you can retrieve the id with something like PDO mysqli_insert_id($conn). Store that id in a PHP session and you have it!
I have a website where I store user info like user id, email , password, and some other info once user registered, where user Id is auto generated field in DB with Auto Increment method in MySQL.
Now I want to implement Facebook & Google Login. Facebook & Google gives very long user id(20 to 36 char long) once we make the request to there api but I can store max 6 char long user Id.
So I want to know what is the best way to store it. Shall I create a new table where I can create mapping with FB/G+ user id to my User's table user id and every time user login I check this mapping table and get user id created by my DB corresponding to FB/G+ user id and perform all the operation using my user Id OR shall I store FB/G+ user id directly to my User table but for this we need to change Table structure and many table because user id is FK for many tables
I have problem with making event table in php, i don't know even how to start, so it would be great if someone help me with this.
I have table users and cars, now i need to make table event that will follow which user is entered new car in database.
Can someone help me with making this table that will automatically populate with user_id and car_id that this entered(before user can enter data he must login, so i know which user is entering data, but i don't know how to take his id and car_id which he entered and put in other table(event_table))?
Thanks
You can store user id in PHP session when user loged in.
so when user make any update or insert in car. you can fetch user id from session and insert in event table.
I have four different types of users login in to my website like admin, superadmin, company, and employees. Each of them have different set of pages to see but some common pages as well. Now I am having four different tables to manage them with same login screen for admin and superadmin. When either admin or superadmin logs in I will go and check two tables one by one before giving access. I have a separate login screens for company and employees. Is this the accepted way of doing it?
Actually, I want this to be changed to a single table with all users in it and a role table to differentiate the roles. I believe a four-table concept is really bad. I can't simply make it to one table because the previous developer had a habit of saving user comments and user activities in text files which is used on website.
Am I right in the way I think that a four-table login system is bad? Is storing logs in a text file that are directly used in website a good idea or not?
You have 4 tables? Just use one user table and a field that can either be 'admin', 'superadmin', 'company' or 'employees'. Then you can have unlimited types of accounts. (I would do number codes like 1,2,3 or 4 instead of string codes or ENUM type field).
But yeah, your single table idea is fine. If you want a role table, do a foreign key to your role field and link it to your role table. You can have a single login too instead of different ones for different users and check for privileges based off that foreign key value.
Here's my suggestion,
Instead of using four tables for your users, it would be better to use one.
You can create you basic user table like this (change rank to what suits your site/script):
ID username password email bla bla bla rank
So instead of using four tables, you can make your PHP script check if the user has the desired access level.
Here's a simple function to protect pages from lower access level users:
function required_level($level){
$user_level = mysql_return(mysql_query("SELECT $rank FROM `Accounts` WHERE `user_id` = $user_id"));
if($user_level<$level){
header("Location:index.php");
}
}
Then on each page you want to protect from lower level users accessing it. You can just call required_level(4); and the page will only allow users with this level or over to access the page.
Example:
Bob is a employee so he has a user rank of 1,
Joe is a superadmin so he has a user rank of 4
Both users login normally, and both try to access admin.php.
admin.php starts with required_level(4); so Bob would be redirected to the home page (you can also pass an error) but, Joe would be bale to access this page because his rank is the same or above what is required to access this page.
So, here's my super long explanation on what you can do! I hope this helps and gives you some ideas on how to make your user tables better and easier to create protect pages :)
First of all, you can do the whole thing with a single table. In that table you should have fields like username, password, typeofuser and other necessary information.
Retrieve user information like:
$username = $_POST['username']; //Retrieving a username from HTML login form
$row = mysql_query(sprintf("SELECT * FROM table WHERE username ='%s'", mysql_real_escape_string($username))); //Retrieving a row from the database
$res = mysql_fetch_array($row);
$type = $row['typeofuser']; //Retrieving whether it is administrator, super administrator, user, etc.
if ($type == "admin")
header(Loction:adminpge);
Similarly, you can check any type of user and can redirect to another page.