Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am building a tourism platform and I am planning to have the following users table:
USERS: id, username, password, email, first_name, last_name, description, picture_path
My goal is to have two groups of users:
tour operators
tourists
When a tour operator logs in, I want the system to recognize that he is from the group "tour operators" so that different information is going to be displayed him as if he was part of the "tourists" group.
My question: What is the best way to realize these two user groups in my database design?
You should have UserCategories table:
CREATE TABLE `UserCategories` (
UC_ID INT PRIMARY KEY AUTO_INCREMENT,
IC_Title VARCHAR(100)
)engine=innodb;
Then in your users table have a column called CategoryID and have it reference UserCategories table on UC_ID = CategoryID.
This way you will know which category user belongs to whether its operator ID 1 or tourist ID 2.
The way I would do it is I would have another table call it Permissions that references Permission to UserCategories. That way you will be able to customize what kind of access Tourists should have.
Update:
SELECT COLUMN1, COLUMN2 ...
FROM users
INNER JOIN UserCategories ON UC_ID = CategoryID
INNER JOIN Permissions ON UC_ID = PCategoryID
WHERE Permission = 'update_data' OR Permission = 'delete_data'
Or you could grab all permissions for a specific user category and see if currently logged in user has that permission to perform that action.
An easy method of doing this would be to add a column to your USERS table which store the type of the group. For example: groupType could store either operator or tourist and depending on that value, you can show or hide stuff in your page.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I am trying to fetch bulk data from a website database but could not succeed. Can somebody suggest if SQL injection is possible and how to do in this case.
There are many ways to do SQL Injection to a website similar to the one you provided.
In the where clause it is expecting ac_no. I assume that this value is being passed from the browser as user input. In that case you can pass ac_no value along with or 1 = 1. e.g where ac_no = 123 or 1 = 1. It returns everything from the table RollPdf1.
For string comparison you can add "" = "" to the where clause.
If you want to perform other select operations ( if you know other table names) then you can append select statements delmited by ;.
UNION operator :
If you know the data types of the columns selected in the query then you can use UNION to get additional data from other tables.
e.g
original query : select name, age, sex from table1 where id = 1
sql injected query : select name, age, sex from table1 where id = 1 AND 1 = 2 UNION select username, id, password from userstable or someother table.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I have the following tables in my database
students
teachers
address
I Want to store basic information about students and teacher in its own table, but the address and contact information in address table. If I store the student_id or teacher_id in address table, the student might have same id as any teacher. If I try to query any teacher address by teacher_id. It will query the student who has the same id as well.
So what the best way to figure out this problem? should I create any other table as well or ....
Please suggest me an easiest and best approach.
thanks.
see th above example. i think best way for solving your problem.
One of the best approach is you have to create a new table called Users. See the bellow tables,
1. Users
id
user_type (student/teacher)
name
2. Teachers
id
user_id (fk - users)
address_id (fk - address)
subject
hours
3. Students
id
user_id (fk - users)
address_id (fk - address)
mark
4. Address
id
address1
address2
This way a student or a teacher can refer their address.
I think the best way would be to structure your tables students and teachers with a field address_id which should point towards the id in address table.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have a few tables in my script that I need to create a timeline from all of them. The main tables are "posts" - "likes" - "comments".
posts table has rows: PID - UID - title - time_added.
likes table has rows: LID - PID - UID - time_added.
comments table has rows: CID - PID - UID - time_added.
users table has rows: UID - username.
I'm creating a page in the users' profiles called: "Timeline". It should show the actions of the user sorted by time. UID refers to the user ID.
Data example while browsing that page:
User Commented on Post xxxx at xxx_time_added_xxx.
User Liked post xxxx at xxx_time_added_xxx.
User added Post xxxx at xxx_time_added_xxx.
Is there's a way or MySQL query that can combine all these tables and arrange them by time_added?
I thought of creating a new MySQL table: user_timeline that has rows:
TID - UID - PID - LID - CID
And after each action (Post, Like, Comment) and new row is inserted in that table according to the action and add the action ID in the corresponding field and leave the others null. Then call them combined with the related table, if possible.
you can with UNION and aliasing:
select * from ((select 1 as type,time_added from posts where ...) union (select 2 as type,time_added from likes where ...) ...) order by time_added asc
NOTE: Column selection must have the same order in regards to the column type.
Do not do:
(select 1 as type,time_added from posts where ...) union (select time_added,2 as type from likes where ...)
Or if you don`t select the same number of columns in subqueries:
SQLSTATE[21000]: Cardinality violation: 1222 The used SELECT statements have a different number of columns
Your result set will be an multi dimensional array as follows:
array(array('type'=>1,'time_added'=>'...'),array('type'=>2,'time_added'=>'...'));
By TYPE you know if it is a post or a like
Hope this helps
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have a database of 2 tables users and classes each user may have many classes so I added a third table called userClasses which had user ID and class ID , so when I want to delete the user from users table, I need to delete it from the UserClasse table too.
And I did that request :
$id = $_GET['id']; // already passed through URL using GET method .
$del = $db->prepare("DELETE FROM users,userClasses WHERE users.id= :id, userClasses.userID= :id");
$del->bindParam(':id',$id);
$del->execute();
But it won't DELETE! Nothing happens, is there any solution please & how ?
Your SQL is nonsense - where is the 'salleresp' table?
You can't delete a joined result set. Either declare your tables using foreign key constraints or run 2 delete queries - one for users and one for userClasses.
If there is a foreign key constraint you will not be able to delete entries from both tables in one query. However, if there isn't such a constraint, the following would work:
DELETE u.*, uc.*
FROM users u
LEFT JOIN userClasses uc
ON u.id = uc.userID
WHERE u.id= :id
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
Well so I got a tiny problem, I got a db and 2 tables like this
Table User
user_id
Table UserrToData
user_id int pk
data_id int
Table UserData
data_id
name
nick
I got the user_id and i need to get records from the userdata , is it possible using 1 query?
Of course, if anyone know how I would really appreciate if he would help me : )
For the selecting I got only the relationship user_id > data_id
update
Guys I got huge db I just simplified the problem to the minimum ^_-
Hope this helps:
SELECT name, nick
FROM UserToData utd INNER JOIN UserData ud ON utd.data_id = ud.data_id
WHERE utd.user_id = [supplied userid]
With such little data, however, there is no need for separate tables, just store name and nick in the User table:
Table User
user_id pk
name
nick
You should overthink your database design. The highest aim is always to prevent redundancies.
If you want the user to have more than one userdata entry you should define your database like this:
Table User
user_id pk
Table UserData
data_id pk
user_id fk
name
nick
So the query would be SELECT * FROM UserData WHERE user_id = ?.
If you only want the user to have one set of userdata you should integrate it into the user table:
Table User
user_id pk
name
nick
So the query would be SELECT * FROM User WHERE user_id = ?.
Why have you put the name and nick in a separate table? You can just put the data in one user table. Might be wise to learn more about how to formulate entities and relations in your database.
Either way, if you ever need to do something like this in Zend at a later time, you can use Zend_Db_Select and do a join. Lookie lookie: http://framework.zend.com/manual/1.12/en/zend.db.select.html#zend.db.select.building.join