Display Images for Specific Users

Display Images for Specific Users - php

I have a website coded in html/css and a bit of js and jQuery.
MySql is my choice of database.
I have a login-system and users can create their own accounts on my site.
The problem is, that I'm trying to somehow restrict users so that only user A can view content (in this case, images) that I have specified for him. User B can only view its own content and so on.
I tried to mess with Role Based Access Control in php but I failed.
I'm looking for a simple solution. I have one (1) table with users where the "user_id" is the primary key.
Isn't there a way to do something like this?
if(user_id == 1) {
Do somethnig here
}

Charles, as commented there are many "open source content management systems" available that do this out of the box - I personally favour http://www.silverstripe.org/
However your question is about how to structure your database and I would recommend a "many many" relationship ( https://en.wikipedia.org/wiki/Many-to-many_(data_model) ). To create this you will need a table in the middle that stores all the id's from both ends.. e.g.
member - id - plus other fields
member_image - contains only member_id and image_id
image - id - plus other fields
to complete your code example...
$sql = "SELECT 1 FROM member_image WHERE member_id = $iMemberID AND image_id = $iImageID"
...it would be "if" the above SQL returned a row or not they member can access that image

Related

How to create a query that searches different tables on the same database to log a user into a website?

I'm building a simple login/registration feature, and I'm having a little trouble.
The issue is this, the user system I'm designing is supposed to accommodate different types of users, like (Blue users, Red users, Black users etc). So I was considering porting their different user data to separate database tables, and even giving them separate registration pages, because the content they would view on the site would vary depending on their color.
For example:
Blue Users:
INSERT 'username' INTO `blue` where...
Red Users:
INSERT 'username' INTO `red` where...
But I want to know if there's a way to log them into the site from the same login page without resorting to sending them to different pages when they want to login. I tried the following:
"SELECT `id` FROM `blue`,`red` WHERE `username`...
but it did not work, so I'm asking if there's a way to register the different user types on the same page and log them in on the same page while still giving them their different content.

One problem is probably that the "id" value is an auto-incremented primary key, right? Therefore it would be unique to only the table that they are in, but not over all tables (blue, red, black)
You would then always have to make sure to have unique usernames and ids over all groups or let them select what group they are when they log in and then only load data from that table.
If you have already solved the uniqueness problem, you should be able to simply use the union querys already suggested by other users. You can't use blue, red, because that is short for blue JOIN red, which of course will only result in data where columns with the same name are equal across blue and red.

Assuming that the user can be just in one table, you could use UNION...
SELECT id FROM blue WHERE username...
UNION
SELECT id FROM red WHERE username...
... but as a piece of advice, if user info is the same for all, you better have one table for usertypes and another for users, and link them with a foreign key...
USERTYPES TABLE
id_usertype
usrt_name
USERS TABLE
id_user
id_usertype (this should be a foreign key)
usrname
I hope it helps.

Checkbox php and mysql

I am building a website with PHP, I am not so good at php but i have found good tutorial online.
The website is for people to register as a dog walker, so when someone registers i want them to check the box of the areas that corresponds to them but there are many areas (100+) so I do not know whats the best way to do it using php and mysql. (i dont know anything about JS but i cant look for tutos)
Should all the names of the areas be store in one fild in the database or i have to build one field for each area?
I want people to be able to update the areas.
Then i wanted to have a select form with the search button.
I just want to know in words what is the best way to do it.
Thank you.

I think the best practice is to get a one-to-many relationship in your database. Which means in a simplified way '1 walker can have many areas'.
If I understond Sable Foste's comment correct, he's telling you to create one column in your user table for each area, this would require a massive database table. Besides, updating your script would be a huge pain in the ass since you would have to add each area manually. Instead I would suggest you to create two tables:
table users
user_id
user_name
table areas
area_id
area_name
Fill the areas table with all options you have. Now, when a user wants to register on your page, you can perform an SQL query which fetches all areas like so:
$areas = $database->query("SELECT * FROM areas ORDER BY area_name ASC");
if( $database->num_rows( $areas ) > 0 ) {
foreach( $database->fetch_array($areas) as $area ) {
echo '<input type="radio" name="area[]" value="'.$area['area_id'].'" /> '.$area['area_name'].'<br />';
}
}
$database illustrates a database wrapper in this example. You can also use mysql_ functions, however, they are about to be deprecated from PHP, so instead try to find tutorials on mysqli_ functions or PDO database layer.
As you can see I've named the fields area[], by doing this we get an array after we submit our register form. This array can be looped and contains all checked radio buttons. Each radio button contains the area_id:
if( isset( $_SERVER['REQUEST_METHOD'] == "POST" )) {
// Make sure you check data here and insert the user in the database first before proceeding
foreach( $_POST['areas'] as $area_id ) {
// Do something with the $area_id
}
}
Since we still have no option to connect the area_id to the user_id. To do so, we create another table that saves the connections:
table users_to_areas
area_id
user_id
In this database you will store each $area_id together with the $user_id of a newly registered or logged in user. NOTE: if you are updating a userprofile you can simply delete all previous records (DELETE FROM users_to_areas WHERE user_id = $user_id) and insert them again using the same looping method as above.
On the edit profile page, you can use the same script to list all areas again, to see if a user is connected to the area you can use a simple query (SELECT COUNT(*) FROM users_to_areas WHERE user_id = $user_id AND area_id = $area_id), if the num_rows() function returns 1 then the checkbox should be checked, otherwise it should be unchecked.
Hope this kicks you off in the right direction, good luck.

You should store all of your fields in separate rows. So if you have 100 areas, you should have 100 1 column rows (you can have more columns if there are other corresponding information you want to store).
The rest of your question is much more open-ended. You'll need to show some examples of what you are working with or have built to make it more clear

Show specific content on a page for each member when they log in

I have two tables in my database. One is a list of members each, of course, having a different member ID. The second table is a list of items that have been designated to one member.
Please note that each table has a user_id column. Based on user_id I want only certain items displayed on their webpage.
When Joe logs to the members area, he is taken to a welcome page. On that welcome page I want Joe to be able to click on a link which will take him to a page. This page will show items that only Joe is allowed to see. If another member clicks on the link it shows a message that says something like Sorry, not for your eyes.
I really am only learning and have spent the past couple of days looking for help with this issue.
I am thinking, from what I have read, that I may just be able to amend the top of my "special page" with an if statement which would say something like
if user_id from table_members = user_id from table_items
Show all rows from table_items which = user_id

There are huge number of tutorials available on internet on displaying dynamic data. Just try doing a search on "making dynamic webpages using php" like that.
let $user_id be a variable storing userid taken from user logged into the website.
$query="select * from table_items where user_id=".$user_id ;
$result=mysql_query($result);
To fetch a row:
`$row=mysql_fetch_array($result);`
To fetch specific column from that row:
$column_data=$row[$columnNameString];
Execute that query you will only get rows whose user_id column value equals to user_id variable value.

Optimal MySQL design for user-specific activity feeds

I'm building a website that constructs both site-wide and user-specific activity feeds. I hope that you can see the structure below and share you insight as to whether my solution is doing the job. This is complicated by the fact that I have multiple types of users that right now are not stored in one master table. This is because the types of users are quite different and constructing multiple different tables for user meta-data would I think be too much trouble. In addition, there are multiple types of content that can be acted upon, and multiple types of activity (following, submitting, commenting, etc.).
Constructing a site-wide activity feed is simple because everything is logged to the main feed table and I just build out a list. I have a master feed table in MySQL that simple logs:
type of activity;
type of target entity;
id of target entity;
type of source entity (i.e., user or organization);
id of source entity.
(This is just a big reference table that points the script generating the feed to the appropriate table(s) for each feed entry).
In generating the user-specific feed, I'm trying to figure out some way to join the relationship table with the feed table, and using that to parse results. I have a relationships table, comprised of 'following' relationships, that is similar to the feed table. It is simpler though b/c only one type of user is allowed to follow other content types/users.
user/source id;
type of target entity;
id of target entity.
Columns 2 & 3 in the feed and follow table are the same, and I have been trying to use various JOIN methodologies to match them up, and then limit them by any relationships in the follow table that the user has. This is has not been very successful.
The basic query I am using is:
SELECT *
FROM (`feed` as fe) LEFT OUTER JOIN `follow` as fo
ON `fe`.`feed_target_type` = `fo`.`follow_e_type`
AND fo.follow_e_id = fe.feed_target_id
WHERE `fo`.`follow_u_id` = 1 OR fe.feed_e_id = 1
AND fe.feed_e_type = 'user'
ORDER BY `fe`.`feed_timestamp` desc LIMIT 10
This query also attempts to grab any content that the user has created (which data is logged in the feed table) that the user is, in effect, following by default.
This query seems to work, but it took me sometime to get to it and am pretty sure I'm missing a more elegant solution. Any ideas?

The first site I made with an activity feed had a notifications table where activities were logged, and then friends actions were pulled from that. However a few months down the line this hit millions of records.
The solution I am programming now pulls latest "friends" activities from separate tables and then orders by date. The query is at home, can post the example later if interested?

Want to create a facebook likenews and updates

I'm wokring on a simple social network site and I would like to build a simple news update feed. Feed not in the actual sense but you know like those little reports you get on facebook eg when someone posts a picture you get a simple report saying in your main page that - so and so added a picture, or so and so added a comment. Stuff like that one liners.
However I want to build something similar. I was thinking of running a union based query on all my tables but that is INSANELY impractical. Another idea I had was to create a news feed table which would have fields like:
Who - Action - ON WHAT
Where 'WHo' - refers to the user ID of the individual who did something
Action refers to the action ie.. adding a comment
WHAT refers to like if the action was done ON something like a comment passed on an article.
However I'm not so sure if this is a good idea... I want a simple solution - any ideas would be much appreciated.

I think this sort of depends on what sort of actions you are expecting to be performed on your items. I'm no expert, but I think the approach I would take is to keep each action distinct.
Let's assume that you have news items to display in your feed, and users can vote on them (or even just 'Like' them a la Facebook) or add a comment about the item.
I'd likely set up my database as such:
NewsItems
---------
NewsId
UserId (if this is like Facebook where it's someone posting their item)
Body
Timestamp
Votes
-----
VoteId
NewsId
UserId
VoteType (or possibly VoteValue with values +1 and -1 or something)
Timestamp
Comments
--------
CommentId
NewsId
Body
Timestamp
Using this, you can retrieve the last n items that a user posted from the NewsItems table, and as you display each, you can use it's NewsId to determine it's current vote count from the Votes table, and also use NewsId to retrieve a chronological listing of all comments made on the item.
I suppose you could also replace the Body field in NewsItems with two other fields, like NewsType and TypeId. The former tells you which table to use to lookup an action (since you probably don't want picture BLOBs and status update text in the same field/table. The second gives you the key to lookup in that table.
Just my two cents. Hope it helps.

thats a tricky and not so easy thing to do.
I worked for a start up social network and it was something they wanted as well.
I dont think i still have the code laying around but if i recall correctly i went about it something like this
DB:
USERS
id : guid "a unique identifier for this user"
"other user info"
ACTIONS
when : unix_timestamp
who : guid "the user who made the actions guid"
type : set('image','news') "replace with a list of the type of things you want to track"
what : url "not like a web address but the guid of the thing that was made"
FRIENDS
id1 : guid "one of the 'friends' guid's
id2 : guid "the other persons guid
PHOTOS
id : guid "a unique identifier for the image"
url : varchar(255) "where is the image stored (file name directory etc)
who : guid "the user who posted the photos guid"
"other info you want to keep track of"
NEWS (think status update)
id : guid "a unique identifier for this statu update"
who : guid "the guid of the person who posted this"
when : unix_timestamp "timestamp of when it was posted
what : text "the contents"
using the above structure i would have my code make an entry into the ACTIONS table anytime a user posted a photo or a status update. then when their friend logged on it would go through the ACTIONS table pulling out all the actions of anyone it found was friends (via the FRIENDS table)
the TYPE field is used to differentiate what table to use when linking the IDs of the actions. so if the person posted an image when it writes the action to the screen it can set the link up to point to whatever script your using to display images. etc etc
ill see if i can find the code, if i can ill post it (company went under and i retain ownership of the code)
If my explanation isnt clear ill take some more time later to better document the process and code.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.