Jump to content

how to implement session to retrieve current user's content?


Recommended Posts

hi,
now i'm trying to develope an web application for my site.
i'll later assign privilege for some of my fren. then, some of them will be assign as person who will receive their own

feedback. each time they login, they can view their own feedback. hmmm.. sounds like an email system.
i guess i need to use session to achieve that, but i'm not sure how to do that in dreamweaver yet. For passing varialble with

URL, i know it. but for this "session" things, i'm blur on how to gather session information, store it, then retrieve it.
hope u guys can have a look on my coded (i do it with dreanweaver 8), and then provide me comment.

provided here is code for 3 sample page that roughly demonstrate my target. in page 2, got further description(vie the code,

or save in .html for the description.

thanks. 
===============================
page 1,login page, loginv2.php
===============================
<?php require_once('Connections/cbs.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "privilege";
  $MM_redirectLoginSuccess = "support_centerv2.php";
  $MM_redirectLoginFailed = "loginv2.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_cbs, $cbs);
 
  $LoginRS__query=sprintf("SELECT username, password, privilege FROM user WHERE username='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password :

addslashes($password));
 
  $LoginRS = mysql_query($LoginRS__query, $cbs) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
   
    $loginStrGroup  = mysql_result($LoginRS,0,'privilege');
   
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<form action="<?php echo $loginFormAction; ?>" method="POST" enctype="multipart/form-data" name="LoginForm" id="LoginForm">
  <table width="50%" border="1" align="center" cellpadding="5" cellspacing="0">
    <tr>
      <td>Username</td>
      <td><input name="username" type="text" id="username"></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input name="password" type="text" id="password"></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Login"></td>
    </tr>
  </table>
</form>

===========================================
page 2, function page, support_centerv2.php
===========================================
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>This is the page immediately displayed after an user login successfuly.</p>
<table width="100%" border="1" cellspacing="0" cellpadding="5">
  <tr>
    <td>Sample Content (links) </td>
    <td>Description</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td><a href="user_managementv2.php">User Management</a></td>
    <td><ul>
      <li>These content should be visible to user with &quot;admin&quot; of privilege level. </li>
    </ul></td>
    <td rowspan="2"><ul>
      <li>i guess have to use session to achieve these features. For the &quot;personal feedback&quot;, how i use dreamweaver

to capture session information, then pass that information to the next page? So as how should i use dreamweaver, to get

current user's session information, then based on that, retrieve from database that user's feedback?</li>
      <li>how should i include the session parameter in url of &quot;Personal Feedback&quot;? </li>
    </ul></td>
  </tr>
  <tr>
    <td><a href="personal_feedbackv2.php">Personal Feedback</a></td>
    <td><ul>
      <li>Only user with &quot;admin&quot; and &quot;staff&quot; of privilege level will  </li>
      <li>When user A click on this link, only feedback that directed to user A will be listed out on the next page,

personal_feedbackv2.php. </li>
      <li>in this sample, we will use &quot;user A&quot;. </li>
    </ul></td>
  </tr>
</table>
</body>

</html>

=====================================================
page 3, personal data's page, personal_feedbackv2.php
=====================================================
<?php require_once('Connections/cbs.php'); ?>
<?php
$maxRows_get_feedback = 10;
$pageNum_get_feedback = 0;
if (isset($_GET['pageNum_get_feedback'])) {
  $pageNum_get_feedback = $_GET['pageNum_get_feedback'];
}
$startRow_get_feedback = $pageNum_get_feedback * $maxRows_get_feedback;

$colname_get_feedback = "-1";
if (isset($_SESSION['staff'])) {
  $colname_get_feedback = (get_magic_quotes_gpc()) ? $_SESSION['staff'] : addslashes($_SESSION['staff']);
}
mysql_select_db($database_cbs, $cbs);
$query_get_feedback = sprintf("SELECT * FROM feedback WHERE staff = '%s'", $colname_get_feedback);
$query_limit_get_feedback = sprintf("%s LIMIT %d, %d", $query_get_feedback, $startRow_get_feedback, $maxRows_get_feedback);
$get_feedback = mysql_query($query_limit_get_feedback, $cbs) or die(mysql_error());
$row_get_feedback = mysql_fetch_assoc($get_feedback);

if (isset($_GET['totalRows_get_feedback'])) {
  $totalRows_get_feedback = $_GET['totalRows_get_feedback'];
} else {
  $all_get_feedback = mysql_query($query_get_feedback);
  $totalRows_get_feedback = mysql_num_rows($all_get_feedback);
}
$totalPages_get_feedback = ceil($totalRows_get_feedback/$maxRows_get_feedback)-1;
?><table width="100%" border="1" cellspacing="0" cellpadding="5">
  <tr>
    <td>Id</td>
    <td>Staff (receiper of the feedback, should only show &quot;user A&quot; since this is personal feedback) </td>
    <td>From</td>
    <td>Tel</td>
    <td>Feedback Subject </td>
  </tr>
  <?php do { ?>
    <tr>
      <td>&nbsp;<?php echo $row_get_feedback['id']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['staff']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['name']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['tel']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['feedback_subject']; ?></td>
    </tr>
    <?php } while ($row_get_feedback = mysql_fetch_assoc($get_feedback)); ?>
</table>
<?php
mysql_free_result($get_feedback);
?>
Link to comment
Share on other sites

i did store all in database, the feedbacks, user's information, their privilege, everything.
what i mean, is that in php, we got session, right?
so once user login, a session will be established as the code above,

if (!isset($_SESSION)) {
  session_start();
}

then, my problem is, how i write the code (or better say, how to use dreamweaver..)to recognize current user, untill they logout, so that when they access"personal feedback", only feedback that directed that user, will be retrieved, based on session parameter.
Link to comment
Share on other sites

ya,i had looked on some instructions online, but i can't get it.
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_16563
especially the recordset dialog
or if  possible, can you or anyone point out the code above, which i need to modify?
Link to comment
Share on other sites

ok, now i'm had finished the feedback part, using session.
but now i got another problem, which is, i upload files for few company.
in the table that maintaine the file's info(i.e file id, file name, path, size, type...) i also maintain the company name, who is authorized to download that file.
for the user, i also maintain a colum, "company".
so, in the end, after user A login, only files with the "company" column match user A's company name will be listed, and ready for download.

i'm thinking of how to do that now. i'll post the code later, if i failed to do it myself.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.