Any Ideas How...

[Bottyz]

Hi all,

 

I have a members area, where users sign up using register.php, which then emails us to activate them. We will then log into our admin panel to activate any users not yet activated. (have i lost you yet?) Each user will only be allowed specific access to certain areas of the site i.e. if they own 2 products out of four they can only access support pages relating to those products. The access levels will be set when we activate the user.

 

I have the majority of scripts working, the only bit i'm stumped with is the activation. Ideally, i'd like to retrieve all users with the field activated=0 (so not activated) into a table, which i can do and have got set up. Then....

 

This is where i get lost: i want to make a form for each user retrieved into the table above, with checkboxes for each area i want to allow them to, all within the same table and once submitted will activate each user at a time.

 

Any ideas on the script? I can supply what i have now if needed?

 

Thanks!!

[jammesz]

Something along these lines should work:

one.php

<form action="two.php" method="POST">
<?php
$q=mysql_query("SELECT * users WHERE activated=0");

while($r=mysql_fetch_array($q)){
?>
<?=$r['username']?><br />
<input type="hidden" name="userID[]" value="<?=$r['id']?>">
Access area one: <input type="checkbox" name="<?=$r['id']?>_A1"><br />
Access area two: <input type="checkbox" name="<?=$r['id']?>_A2"><br />
Access area three: <input type="checkbox" name="<?=$r['id']?>_A3"><br />
Access area four: <input type="checkbox" name="<?=$r['id']?>_A4">
<hr>
<?php
}
?>
<input type="submit" name="activate_submit" value="submit">
</form>

 

two.php

<?php
if(isset($_POST['activate_submit'])){
foreach($_POST['userID'] as $uID){
	$a1=$_POST[$uID.'_A1'];
	$a2=$_POST[$uID.'_A2'];
	$a3=$_POST[$uID.'_A3'];
	$a4=$_POST[$uID.'_A4'];

	// other code or mysql query (update/insert)
}
}
?>

[Bottyz]

thanks for your help! Although it seems i've still got something wrong:

 

activate.php

<?php
if (!isset($_SESSION)) {
session_start();
}

$MM_redirectLogin = "adminlogin.php";

if (!isset($_SESSION['ADMIN_Username'])) {

if (isset($_SESSION['user_agent'])) {
	if ($_SESSION['user_agent'] != md5($_SERVER['HTTP_USER_AGENT'])) {
	// Bye now Mr hacker
	session_destroy();
	header("Location: ". $MM_redirectLogin );
	exit;
	}
}

$_SESSION['ADPrevUrl'] = "updateuserauth.php";
header("Location: ". $MM_redirectLogin );
exit;
} else {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="robots" content="noindex, nofollow">
<meta name="keywords" content="">
<meta name="description" content="">
<title>Administration Area</title>
<link href="../css/adminblue.css" rel="stylesheet" type="text/css">
</head>
<!-- ImageReady Slices (Rich Web Visual3.psd) -->
<body>
<?php
include_once( 'adminbluenav.php' );
?>
	<div id="main">
		<div id="maincontent">
		<br>
		<br>
<?php
if ($_SESSION['SuprAD'] >= "2") {
?>
	<br><span style="font-size; 1.2em; color: #61d0fe;"><b><img src="../images/setuserauth.png"></b></span>
	<br><br>
<?php

// connect to db
include('../dbconnect/lh.php');

// retrieve unactivated users into table and create submit form
// note user email address is same as their_username
?>
		<div style="font-size: 1.2em; color: #61d0fe;">The following accounts have not been activated yet:</div><br>
		<form action="activateupdate.php" method="POST"> 
		<table style="border: 1px solid #61d0fe; width: 680px; background-color: #272727;"><tr>
		<td style='border: 1px; margin: 0; padding: 10px; background-color: #272727;'><b>Email:</b></td>
		<td style='border: 1px; margin: 0; padding: 10px; background-color: #272727;'><b>Name:</b></td>
		<td style='border: 1px; margin: 0; padding: 10px; background-color: #272727;'><b>Address Details:</b></td>
		<td style='border: 1px; margin: 0; padding: 10px; background-color: #272727;'><b>Telephone Number:</b></td></tr>
<?php
// set variable to current logged in user
$currentuser = $their_username;

//fetch using value below
$unact = "0";

// query the db for access levels
$sql="SELECT * FROM users WHERE activated='$unact'";
$data = mysql_query($sql, $lh) or die(mysql_error());

// retrieve the usernames and access levels
while($retrieve = mysql_fetch_array( $data )) {
		$user = $retrieve['their_username'];

		echo "<tr><td style='border: 1px; margin: 0; padding: 10px; background-color: #373737; font-size: 0.8em; vertical-align: top;'>";
		echo $user;
		echo "</td><td style='border: 1px; margin: 0; padding: 10px; background-color: #373737; font-size: 0.8em; vertical-align: top;'>";
		echo $retrieve['name'];
		echo "</td><td style='border: 1px; margin: 0; padding: 10px; background-color: #373737; font-size: 0.8em; vertical-align: top;'>";
		echo $retrieve['companyname'] . "<br>" . $retrieve['address'] . "<br>" . $retrieve['address2'] . "<br>" . $retrieve['town'] . "<br>" . $retrieve['county'] . "<br>" . $retrieve['postcode'] . "<br>" . $retrieve['country'] . "<br></td><td style='border: 1px; margin: 0; padding: 10px; background-color: #373737; font-size: 0.8em; vertical-align: top;'>";
		echo $retrieve['tel'] . "</td></tr><tr><td colspan='4' style='margin: 0; padding: 10px; background-color: #424242;'><input type='hidden' name='userID[]' value='" . $user . "'><span style='text-align: left;'>Activate the above user and allow access to:<br><br>CPM-100 area:  <input type='checkbox' name='" . $user . "_CPM'>  CPM-100H area:  <input type='checkbox' name='" . $user . "_CPMH'>  CM-200 area:  <input type='checkbox' name='" . $user . "_CM'>  CJ Pro area:  <input type='checkbox' name='" . $user . "_CJ'></span></td></tr>";
}
?>
			<tr>
			<td colspan="4" style="text-align: right; padding: 5px; background-color: #272727;">
			<input type="submit" name="activate_submit" value="  Update  ">
			</td>
			</tr>
		</table>
		</form>
		<br>
		<span>* If the above table is empty then all users have currently been activated!</span>
		<br>
		<br>
		<br>
<?php	
} else {
	echo "<br><br>";
	echo "<p style='font-size: 1.2em; color: #61d0fe;'>Unfortunately, your current authorisation level doesn't allow you access to this page. Please use a login with more privileges to access the content.</p>";
	echo "<br><br>";
}
?>
		<br>
		</div>
	</div>
<!-- End Main Content, Begin Bottom Graphic -->
	<div id="bottombar">
		<span id="copyright">&#169; 2010. All Rights Reserved.</span>
	</div>
<!-- End Bottom Graphics -->
</div>
</body>
</html>
<?php
}	
?>

 

activateupdate.php

<?php
if(isset($_POST['activate_submit'])){
   foreach($_POST['userID'] as $uID){
      $CPM=$_POST[$uID.'_CPM'];
      $CPMH=$_POST[$uID.'_CPMH'];
      $CM=$_POST[$uID.'_CM'];
      $CJ=$_POST[$uID.'_CJ'];
      $User=$_POST['userID'];
      
echo $User;
echo "<br>";
echo $CPM;
echo "<br>";
echo $CPMH;
echo "<br>";
echo $CM;
echo "<br>";
echo $CJ;
echo "<br>";

      // other code or mysql query (update/insert)
   }
   exit;
}
?>

 

If i try the above, everything populates to the table as desired (for this example there are two unactivated users), but if i click update the variables don't retrieve data, all i get echoed out is:

 

Array

<br>

<br>

<br>

<br>

<br>

Array

<br>

<br>

<br>

<br>

<br>

 

in the activateupdate.php. Which suggests to me that the number of arrays is being pickedup but the variables aren't passing?

 

any ideas?

 

 

[jammesz]

My response before was just a basic guideline.

 

This will work though:

<?php
if(isset($_POST['activate_submit'])){
   foreach($_POST['userID'] as $uID){
      
echo $uID;
echo "<br>";
$CPM = isset($_POST[$uID.'_CPM']) ? 'yes' : 'no';
echo $CPM;
echo "<br>";
$CPMH = isset($_POST[$uID.'_CPMH']) ? 'yes' : 'no';
echo $CPMH;
echo "<br>";
$CM = isset($_POST[$uID.'_CM']) ? 'yes' : 'no';
echo $CM;
echo "<br>";
$CJ = isset($_POST[$uID.'_CJ']) ? 'yes' : 'no';
echo $CJ;
echo "<br>";


      // other code or mysql query (update/insert)
   }
   exit;
}
?>

[Bottyz]

My response before was just a basic guideline.

 

This will work though:

<?php
if(isset($_POST['activate_submit'])){
   foreach($_POST['userID'] as $uID){
      
echo $uID;
echo "<br>";
$CPM = isset($_POST[$uID.'_CPM']) ? 'yes' : 'no';
echo $CPM;
echo "<br>";
$CPMH = isset($_POST[$uID.'_CPMH']) ? 'yes' : 'no';
echo $CPMH;
echo "<br>";
$CM = isset($_POST[$uID.'_CM']) ? 'yes' : 'no';
echo $CM;
echo "<br>";
$CJ = isset($_POST[$uID.'_CJ']) ? 'yes' : 'no';
echo $CJ;
echo "<br>";


      // other code or mysql query (update/insert)
   }
   exit;
}
?>

 

Thanks! I did kinda figure out i forgot the = sign after each <? and that was the reason no results were being forwarded! D'oh!!  but tis cool now tho

 

 

One more thing if i may?

 

I want to get the activate script to skip any records where all the checkboxes are no, and not activate that field. I can't think of an easy way to get it to fall through the if statements though and skip to the next record.

 

If i put

 

if($CPM=='no' && $CPMH=='no' && $CM=='no' && $CJ=='no') {

 

I can captcha any records that don't have the checkboxes set but have no idea what code i could put to make it skip the mysql update. If i instead use a load of if statements for all the varying possibilities i can duplicate the mysql update query to each of the possible outcomes, but is there a quicker way?

 

:D :D :D

[jammesz]

I don't know what your database structure is so i cant really help you specifically. In other words what your asking can be done many ways but it all depends on the database structure.

 

So if you can post it on here than I won't have to type out all the different ways .

 

 

[Bottyz]

I think i've figured out a semi quick way, its not pretty but it should work:

 

<?php
if(isset($_POST['activate_submit'])){
   foreach($_POST['userID'] as $uID){
      $CPM=$_POST[$uID.'_CPM'];
      $CPMH=$_POST[$uID.'_CPMH'];
      $CM=$_POST[$uID.'_CM'];
      $CJ=$_POST[$uID.'_CJ'];
      
echo $uID;
echo "<br>";
$CPM = isset($_POST[$uID.'_CPM']) ? '1' : '0';
echo $CPM;
echo "<br>";
$CPMH = isset($_POST[$uID.'_CPMH']) ? '1' : '0';
echo $CPMH;
echo "<br>";
$CM = isset($_POST[$uID.'_CM']) ? '1' : '0';
echo $CM;
echo "<br>";
$CJ = isset($_POST[$uID.'_CJ']) ? '1' : '0';
echo $CJ;
echo "<br>";
if($CPM=='1') {
	// activate user and set user auths
	// other code or mysql query (update/insert)
} 
elseif ($CPM=='1') {
	// activate user and set user auths
	// other code or mysql query (update/insert)
}
elseif ($CPMH=='1') {
	// activate user and set user auths
	// other code or mysql query (update/insert)
}
elseif ($CM=='1') {
	// activate user and set user auths
	// other code or mysql query (update/insert)
}
elseif ($CJ=='1') {
	// activate user and set user auths
	// other code or mysql query (update/insert)
}
else
// skip user and don't activate or set user auths
   }
   exit;
}
?>

 

The above should work because as long as at least one checkbox equals '1' (or yes) it can activate, i only want it to skip the activate if no checkbox has been ticked.

 

Does that make more sense??

[jammesz]

Yes it does. That method will work

[Bottyz]

I can now probably say that your only updating one field in the database.

 

No, there are four seperate fields in the db, one for each of the checkbox variables. If the field equals 1 then the user can access that area, if it equals zero they can't. And if all of them equal 0 then they shouldn't be activated, which again is a seperate field where 1 equals activated and 0 equals not.

 

But i can take it from here, many thanks for all your help

[jammesz]

I can now probably say that your only updating one field in the database.

 

No, there are four seperate fields in the db, one for each of the checkbox variables. If the field equals 1 then the user can access that area, if it equals zero they can't. And if all of them equal 0 then they shouldn't be activated, which again is a seperate field where 1 equals activated and 0 equals not.

 

But i can take it from here, many thanks for all your help

 

Your welcome.

 

BTW, ignore the code that I sent in my previous post (the one containing 'I can now probably say that your only updating one field in the database.'). I made a big mistake in it lol.