recently I've added a search feature to find users through my database and I encountered a question upon selecting the searched user:
-Example: John Doe searches for a user; John Doe then clicks the link to go to the users profile (view_profile.php). -Should I be echoing out all the info I want to display about the searched user via using mysql_fetch_array($username) and storing all desired info in session variables?
Should I be passing session variables to create profiles for other users to view. Or should every profile have it's own file? Thanks.
Set the Link that comes up when a user is searched to:
*put user name here*
When the User clickes the link, PHP should get the users row from the database with:
$_GET['userId'];
SQL Query:
SELECT * FROM users WHERE id = *put user id here*
Don't use $_SESSION variables for this.
Hope this helped you out.
Related
I am trying to create a social media prototype where user can log in, add others, send small file to others, etc. at the add friends page I have printed all the users name. when printing my name is also getting printed. what I want is to hide my my name from that list so that I get a list of all the other person except mine.
Try This:
select * from table where user_name not in ($_SESSION["name"]);
select * from table where user_name != '$_SESSION["name"]';
from php session you will get loggin user id, use that userid in your mysql query like following
$query = "select * from users where user_id not in(".$loggedInUserId.")";
where $loggedInUserId is the php session user id.
I am fairly new to PHP and am not sure how to do this.
I have two tables:
owner (ownerid(PK), username, password)
venue (venueid(PK), owenerid(FK), venuename, location, number)
owner stores the details of the current logged in user. Once the user is logged in they enter details into a form that gets inserted into venue table.
How do I take the ownerid of the current logged in user and insert it into ownerid (in venue table) so that at a later stage I can select all venues that a particular user has added, and only that logged in user can view them.
I am pretty new to PHP so would appreciate as much explanation / code as possible :)
Thanks!
If you have a logged in user you will be able to identify them either through a cookie or a session. If you store their ownerid in the session variable, then you will be able to access it whenever you require
$ownerid = $_SESSION['user']
You can then use that variable in association with the selected venues, and relate them together so only this user can view them when logged in, matching their ownerid
I'm fairly new in making own code in concrete5, so I could use some help! :)
I have a reference table with event IDs and user IDs. I would like to fetch the names of all users on a givent event.
I have the two necessary IDs:
UserID: $u->getUserID();
EventID: $c->getCollectionID()
How can I make a loop in a view.php page, that creates a list of all names of the users signed up for an event? The name is in the user attribute "name".
Example: I would like to have the names of the users with user ID 1 and 4, because they have signed up for event 221 (see this image: http://www.tiikoni.com/tis/view/?id=11a89f6).
Expected result on my page: John Doe, Jane Doe
I hope someone can help me.
The image link has expired, as Ortomala replied.
Sounds like you need some custom PHP block code that SELECTs all user ids from the MySQL table that matches the EventID (the current UserID is not relevant).
Here's some example pseudo code:
"SELECT b.UserID, u.uName FROM btYourEventTable AS b, Users as u
WHERE EventID = '". $c->getCollectionID(). "' AND b.UserID = u.uID";
If you need help with this, I'm user jasteele12 on concrete5.org
Okey, so im trying to store the logged in facebook userĀ“s friends list into a MYSQL table.
Im storing the logged in user data: ID and Name;
And am storing the logged in user friends list: ID and Name;
So the table looks like this:
['facebook_user_id'] ['facebook_user_name'] ['facebook_friend_id'] ['facebook_friend_name']
123123123123 User1 23424234234234 User 20
231321231231 User2 23424234234234 User 20
So you can see that user1 and user2 has the same friend and if user friend 'User 20' change his/her name I need to update the information, but only for the logged in user, so if user1 logs in the effect will only effect him/her.
But if user1 gets a new friend I need to insert the new friend and update if theres any changes.
How should I do this with PHP? I have seen something similar but didnt work that well for me.
INSERT INTO table (facebook_user_id, facebook_user_name, facebook_friend_id, facebook_friend_name)
VALUES ('facebook_user_id' (to short it down) .....)
ON DUPLICATE KEY UPDATE (facebook_user_id=facebook_user_id (and for every entry)....)
Thanks in advance, and any pointers will help me out alot.
I think this is what you meant.
I am trying to save user A Facebook friends into a table.
When someone logs in with Facebook I am storing, their name and Facebook id. As well as their friends, Facebook id and name.
This is how I would do it. Here is my solution if you need generated schema code let me know.
-Create three tables: registered users, buddies, lookup table
table 1: registered users
[id, userId, facebookUid]
table 2: buddies
[id, buddyid, buddy name]
table 3: You need a lookup table.
[id, userId, buddyid]
Steps:
When UserA logs in with Facebook, save their buddies into the buddies table
This approach above you don't have to worry about duplicate names. If someone updates their name, it will be changed across the board.
You can use join to find who has buddies in common.
I have four different types of users login in to my website like admin, superadmin, company, and employees. Each of them have different set of pages to see but some common pages as well. Now I am having four different tables to manage them with same login screen for admin and superadmin. When either admin or superadmin logs in I will go and check two tables one by one before giving access. I have a separate login screens for company and employees. Is this the accepted way of doing it?
Actually, I want this to be changed to a single table with all users in it and a role table to differentiate the roles. I believe a four-table concept is really bad. I can't simply make it to one table because the previous developer had a habit of saving user comments and user activities in text files which is used on website.
Am I right in the way I think that a four-table login system is bad? Is storing logs in a text file that are directly used in website a good idea or not?
You have 4 tables? Just use one user table and a field that can either be 'admin', 'superadmin', 'company' or 'employees'. Then you can have unlimited types of accounts. (I would do number codes like 1,2,3 or 4 instead of string codes or ENUM type field).
But yeah, your single table idea is fine. If you want a role table, do a foreign key to your role field and link it to your role table. You can have a single login too instead of different ones for different users and check for privileges based off that foreign key value.
Here's my suggestion,
Instead of using four tables for your users, it would be better to use one.
You can create you basic user table like this (change rank to what suits your site/script):
ID username password email bla bla bla rank
So instead of using four tables, you can make your PHP script check if the user has the desired access level.
Here's a simple function to protect pages from lower access level users:
function required_level($level){
$user_level = mysql_return(mysql_query("SELECT $rank FROM `Accounts` WHERE `user_id` = $user_id"));
if($user_level<$level){
header("Location:index.php");
}
}
Then on each page you want to protect from lower level users accessing it. You can just call required_level(4); and the page will only allow users with this level or over to access the page.
Example:
Bob is a employee so he has a user rank of 1,
Joe is a superadmin so he has a user rank of 4
Both users login normally, and both try to access admin.php.
admin.php starts with required_level(4); so Bob would be redirected to the home page (you can also pass an error) but, Joe would be bale to access this page because his rank is the same or above what is required to access this page.
So, here's my super long explanation on what you can do! I hope this helps and gives you some ideas on how to make your user tables better and easier to create protect pages :)
First of all, you can do the whole thing with a single table. In that table you should have fields like username, password, typeofuser and other necessary information.
Retrieve user information like:
$username = $_POST['username']; //Retrieving a username from HTML login form
$row = mysql_query(sprintf("SELECT * FROM table WHERE username ='%s'", mysql_real_escape_string($username))); //Retrieving a row from the database
$res = mysql_fetch_array($row);
$type = $row['typeofuser']; //Retrieving whether it is administrator, super administrator, user, etc.
if ($type == "admin")
header(Loction:adminpge);
Similarly, you can check any type of user and can redirect to another page.