Jump to content

Archived

This topic is now archived and is closed to further replies.

uqoo61

how to implement session to retrieve current user's content?

Recommended Posts

hi,
now i'm trying to develope an web application for my site.
i'll later assign privilege for some of my fren. then, some of them will be assign as person who will receive their own

feedback. each time they login, they can view their own feedback. hmmm.. sounds like an email system.
i guess i need to use session to achieve that, but i'm not sure how to do that in dreamweaver yet. For passing varialble with

URL, i know it. but for this "session" things, i'm blur on how to gather session information, store it, then retrieve it.
hope u guys can have a look on my coded (i do it with dreanweaver 8), and then provide me comment.

provided here is code for 3 sample page that roughly demonstrate my target. in page 2, got further description(vie the code,

or save in .html for the description.

thanks. 
===============================
page 1,login page, loginv2.php
===============================
<?php require_once('Connections/cbs.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "privilege";
  $MM_redirectLoginSuccess = "support_centerv2.php";
  $MM_redirectLoginFailed = "loginv2.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_cbs, $cbs);
 
  $LoginRS__query=sprintf("SELECT username, password, privilege FROM user WHERE username='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password :

addslashes($password));
 
  $LoginRS = mysql_query($LoginRS__query, $cbs) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
   
    $loginStrGroup  = mysql_result($LoginRS,0,'privilege');
   
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<form action="<?php echo $loginFormAction; ?>" method="POST" enctype="multipart/form-data" name="LoginForm" id="LoginForm">
  <table width="50%" border="1" align="center" cellpadding="5" cellspacing="0">
    <tr>
      <td>Username</td>
      <td><input name="username" type="text" id="username"></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input name="password" type="text" id="password"></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Login"></td>
    </tr>
  </table>
</form>

===========================================
page 2, function page, support_centerv2.php
===========================================
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>This is the page immediately displayed after an user login successfuly.</p>
<table width="100%" border="1" cellspacing="0" cellpadding="5">
  <tr>
    <td>Sample Content (links) </td>
    <td>Description</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td><a href="user_managementv2.php">User Management</a></td>
    <td><ul>
      <li>These content should be visible to user with &quot;admin&quot; of privilege level. </li>
    </ul></td>
    <td rowspan="2"><ul>
      <li>i guess have to use session to achieve these features. For the &quot;personal feedback&quot;, how i use dreamweaver

to capture session information, then pass that information to the next page? So as how should i use dreamweaver, to get

current user's session information, then based on that, retrieve from database that user's feedback?</li>
      <li>how should i include the session parameter in url of &quot;Personal Feedback&quot;? </li>
    </ul></td>
  </tr>
  <tr>
    <td><a href="personal_feedbackv2.php">Personal Feedback</a></td>
    <td><ul>
      <li>Only user with &quot;admin&quot; and &quot;staff&quot; of privilege level will  </li>
      <li>When user A click on this link, only feedback that directed to user A will be listed out on the next page,

personal_feedbackv2.php. </li>
      <li>in this sample, we will use &quot;user A&quot;. </li>
    </ul></td>
  </tr>
</table>
</body>

</html>

=====================================================
page 3, personal data's page, personal_feedbackv2.php
=====================================================
<?php require_once('Connections/cbs.php'); ?>
<?php
$maxRows_get_feedback = 10;
$pageNum_get_feedback = 0;
if (isset($_GET['pageNum_get_feedback'])) {
  $pageNum_get_feedback = $_GET['pageNum_get_feedback'];
}
$startRow_get_feedback = $pageNum_get_feedback * $maxRows_get_feedback;

$colname_get_feedback = "-1";
if (isset($_SESSION['staff'])) {
  $colname_get_feedback = (get_magic_quotes_gpc()) ? $_SESSION['staff'] : addslashes($_SESSION['staff']);
}
mysql_select_db($database_cbs, $cbs);
$query_get_feedback = sprintf("SELECT * FROM feedback WHERE staff = '%s'", $colname_get_feedback);
$query_limit_get_feedback = sprintf("%s LIMIT %d, %d", $query_get_feedback, $startRow_get_feedback, $maxRows_get_feedback);
$get_feedback = mysql_query($query_limit_get_feedback, $cbs) or die(mysql_error());
$row_get_feedback = mysql_fetch_assoc($get_feedback);

if (isset($_GET['totalRows_get_feedback'])) {
  $totalRows_get_feedback = $_GET['totalRows_get_feedback'];
} else {
  $all_get_feedback = mysql_query($query_get_feedback);
  $totalRows_get_feedback = mysql_num_rows($all_get_feedback);
}
$totalPages_get_feedback = ceil($totalRows_get_feedback/$maxRows_get_feedback)-1;
?><table width="100%" border="1" cellspacing="0" cellpadding="5">
  <tr>
    <td>Id</td>
    <td>Staff (receiper of the feedback, should only show &quot;user A&quot; since this is personal feedback) </td>
    <td>From</td>
    <td>Tel</td>
    <td>Feedback Subject </td>
  </tr>
  <?php do { ?>
    <tr>
      <td>&nbsp;<?php echo $row_get_feedback['id']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['staff']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['name']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['tel']; ?></td>
      <td>&nbsp;<?php echo $row_get_feedback['feedback_subject']; ?></td>
    </tr>
    <?php } while ($row_get_feedback = mysql_fetch_assoc($get_feedback)); ?>
</table>
<?php
mysql_free_result($get_feedback);
?>

Share this post


Link to post
Share on other sites
Actually, if you're trying to make something of an email system, you should rather store it in text files or a database, instead of sessions. Unless I misunderstood what you are looking for.

Share this post


Link to post
Share on other sites
i did store all in database, the feedbacks, user's information, their privilege, everything.
what i mean, is that in php, we got session, right?
so once user login, a session will be established as the code above,

if (!isset($_SESSION)) {
  session_start();
}

then, my problem is, how i write the code (or better say, how to use dreamweaver..)to recognize current user, untill they logout, so that when they access"personal feedback", only feedback that directed that user, will be retrieved, based on session parameter.

Share this post


Link to post
Share on other sites
Well, you should use a parameter in the recordset dialog linked to the user's session ID.

Share this post


Link to post
Share on other sites
ya,i had looked on some instructions online, but i can't get it.
http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_16563
especially the recordset dialog
or if  possible, can you or anyone point out the code above, which i need to modify?

Share this post


Link to post
Share on other sites
What version of Dreamweaver are you using? It should be as simple as setting it to only pull records from the database with the same user ID as the logged-in user.

Share this post


Link to post
Share on other sites
ok, now i'm had finished the feedback part, using session.
but now i got another problem, which is, i upload files for few company.
in the table that maintaine the file's info(i.e file id, file name, path, size, type...) i also maintain the company name, who is authorized to download that file.
for the user, i also maintain a colum, "company".
so, in the end, after user A login, only files with the "company" column match user A's company name will be listed, and ready for download.

i'm thinking of how to do that now. i'll post the code later, if i failed to do it myself.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.