Need some help checking if two fields match up in php

[craigtolputt]

Hi Guys,

 

I need help desperatley please...

 

On my flash page i have a text field username.

 

I have a flash form which enters details into a database using php.  This works fine and it enters the following details...

 

username

code number

first name

last name

company

address1

address2

city

postcode

telephone

start date ( auto date field )

item

make

model

serial number

location

 

Now i have had someone help me on a new flash form which updates the details in the database by searching for an item

 

so theres a field called item then a button saying edit details when the user enters say Mobile phone then clicks the button it goes and gets all the relevant details for that item

 

BUT i need it to check the username against the code number then only return the details with say mobile phone in the details to the site???

 

is this easy to add in

 

here is the code that loads the details

<?php
require_once('variables.php');
if (!get_magic_quotes_gpc()) {
  foreach($_POST as $key=>$value) {
    $temp = addslashes($value);
    $_POST[$key] = $temp;
    }
  }
//
$db = new Database($dbhost,$dbusername,$dbpassword,$dbdbname);
$sql = 'SELECT * FROM '.$_POST['tablename'].' WHERE `Item` = "'.$_POST['Item'].'" LIMIT 1';
$result = $db->query($sql);
$numrows = $result->num_rows;
$details = "total=$numrows";
$counter = 0;
while ($row = $result->fetch_assoc()) {
$details .= '&Item'.$counter.'='.urlencode($row['Item']);
$details .= '&FirstName'.$counter.'='.urlencode($row['FirstName']);
$details .= '&LastName'.$counter.'='.urlencode($row['LastName']);
$details .= '&Company'.$counter.'='.urlencode($row['Company']);
$details .= '&Address1'.$counter.'='.urlencode($row['Address1']);
$details .= '&Address2'.$counter.'='.urlencode($row['Address2']);
$details .= '&City'.$counter.'='.urlencode($row['City']);
$details .= '&Postcode'.$counter.'='.urlencode($row['Postcode']);
$details .= '&PhoneNumber'.$counter.'='.urlencode($row['PhoneNumber']);
$details .= '&Location'.$counter.'='.urlencode($row['Location']);
$details .= '&Identifier'.$counter.'='.urlencode($row['Identifier']);
$counter++;
}
$db->close();
echo $details;
?>

 

I hope this makes sense to someone with alot more knowledge ..

[grim1208]

Not sure what you're asking here.

 

You want to check username against code number what code number?  The userid?  Then just outputting the data in the database that correlates to that SPECIFIC user?  or several?

 

 

[Maq]

Assuming your field names from the form and the field names from your DB are "username" and "code_number".  This will also display an error if the username and code number do not match up.

 

$sql = 'SELECT * FROM '.$_POST['tablename'].' WHERE `Item` = "'.$_POST['Item'].'" AND `username` = "'.$_POST['username'].'" AND `code_number` = "'.$_POST['code_number'].'" LIMIT 1';
$result = $db->query($sql);
$numrows = $result->num_rows;
$details = "total=$numrows";
$counter = 0;
if($numrows > 0) {
while ($row = $result->fetch_assoc()) {
   $details .= '&Item'.$counter.'='.urlencode($row['Item']);
   $details .= '&FirstName'.$counter.'='.urlencode($row['FirstName']);
   $details .= '&LastName'.$counter.'='.urlencode($row['LastName']);
   $details .= '&Company'.$counter.'='.urlencode($row['Company']);
   $details .= '&Address1'.$counter.'='.urlencode($row['Address1']);
   $details .= '&Address2'.$counter.'='.urlencode($row['Address2']);
   $details .= '&City'.$counter.'='.urlencode($row['City']);
   $details .= '&Postcode'.$counter.'='.urlencode($row['Postcode']);
   $details .= '&PhoneNumber'.$counter.'='.urlencode($row['PhoneNumber']);
   $details .= '&Location'.$counter.'='.urlencode($row['Location']);
   $details .= '&Identifier'.$counter.'='.urlencode($row['Identifier']);
   $counter++;
}
} else {
   echo "Your user name does not match your code number...";
} 
$db->close();
echo $details;
}
?>

[craigtolputt]

YEah so basically they enter there username, code number which they know and an item name and then it checks to see if the username and code number match then display the details for that item

 

cheers for the replies i will try it out today

 

cheers

 

\craig

[craigtolputt]

That didnt seem to work it just returns Undefined...

 

the fields from flash i want to check are username, Identifier and then display the details for the Item

[craigtolputt]

Ok i got it working with some treaking about....

 

I used this code in the end and seems to work fine

 

<?php

require_once('variables.php');

if (!get_magic_quotes_gpc()) {

  foreach($_POST as $key=>$value) {

    $temp = addslashes($value);

    $_POST[$key] = $temp;

    }

  }

//

$db = new Database($dbhost,$dbusername,$dbpassword,$dbdbname);

$sql = 'SELECT * FROM '.$_POST['tablename'].' WHERE `Item` = "'.$_POST['Item'].'" AND `Identifier` = "'.$_POST['Identifier'].'" AND `username` = "'.$_POST['username'].'" LIMIT 1';

$result = $db->query($sql);

$numrows = $result->num_rows;

$details = "total=$numrows";

$counter = 0;

while ($row = $result->fetch_assoc()) {

$details .= '&Item'.$counter.'='.urlencode($row['Item']);

$details .= '&Identifier'.$counter.'='.urlencode($row['Identifier']);

$details .= '&FirstName'.$counter.'='.urlencode($row['FirstName']);

$details .= '&LastName'.$counter.'='.urlencode($row['LastName']);

$details .= '&Company'.$counter.'='.urlencode($row['Company']);

$details .= '&Address1'.$counter.'='.urlencode($row['Address1']);

$details .= '&Address2'.$counter.'='.urlencode($row['Address2']);

$details .= '&City'.$counter.'='.urlencode($row['City']);

$details .= '&Postcode'.$counter.'='.urlencode($row['Postcode']);

$details .= '&PhoneNumber'.$counter.'='.urlencode($row['PhoneNumber']);

$details .= '&Location'.$counter.'='.urlencode($row['Location']);

$counter++;

}

$db->close();

echo $details;

?>