from table to session how to ?

[wildteen88]

OKay,Lets see what stored in $_SESSION change your code to

mysql_select_db($database_vekipman, $vekipman);
$query_URUNS = "SELECT `session_user` FROM urunler";
$URUNS = mysql_query($query_URUNS, $vekipman) or die(mysql_error());
$row_URUNS = mysql_fetch_array($URUNS);
$totalRows_URUNS = mysql_num_rows($URUNS);
$_SESSION['session_user']=$row_URUNS['session_user'];

if($_SESSION['login_id'] != $_SESSION['session_user']) {
   $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
          //header('Location: ' . $home_url);
    echo "<pre>" . print_r($_SESSION, true) . "</pre>";
} else {
echo 'Sorry but ' . $_SESSION['login_id'] . ' was equal to ' . $_SESSION['session_user'];
}

[dgnzcn]

giving ths message, looks like the two sessions is same

 

Sorry but 1 was equal to 1

 

[wildteen88]

So what are you wanting the code to do? I re-read this thread and I am confused. Maybe you need to give more of an explanation of what you're trying to do.

[PFMaBiSmAd]

The current code being 'tested' did not come directly from the OP and since it does not have a WHERE clause to specify which data is retrieved, there is no chance of it working.

[dgnzcn]

So what are you wanting the code to do? I re-read this thread and I am confused. Maybe you need to give more of an explanation of what you're trying to do.

 

when user is registered, ID's is recorded in two places like this : in USERS table , and PRODUCT table

 

ILANS.PHP page : each user is getting  products listing, but filtering via own ID

 

ILAN_EDIT.php page : this page product edit page.  problem was this page, all users can edited, deleted, all the other  users product.

 

this is a michael's product edit page :  index.php?go=ILAN_EDIT&id=12

but, george user if write down to this same link and paste to adress bar, it can directly edit or delete michaels product. I don't want this.

 

[wildteen88]

Then you want to check to see if $_SESSION['_login_id'] is equal to $_GET['id'] at the top of your script

<?php
session_start();

if(!isset($_SESION['_login_id']))
{
    echo 'You must be logged into view this page';
}
elseif(isset($_SESSION['_login_id']) && $_SESSION['_login_id'] != $_GET['id']))
{
     echo 'You cannot edit another users product!';
}
else
{
     // your code here for editing the product
}
?>

[dgnzcn]

OK, I TRYED BUT GETTING ERROR.

 

Parse error: syntax error, unexpected ')' in F:\sank\WEB\viman\ilan_edit.php on line 13

elseif(isset($_SESSION['_login_id']) && $_SESSION['_login_id'] != $_GET['id']))  // LINE 13

 

[wildteen88]

I typed an extra ) by mistake. Line 13 corrected.

elseif(isset($_SESSION['_login_id']) && $_SESSION['_login_id'] != $_GET['id'])

[dgnzcn]

Then you want to check to see if $_SESSION['_login_id'] is equal to $_GET['id'] at the top of your script

 

I want this : in product page,  $_SESSION['_login_id'],  if different to $_SESSION['session_username'], then go to index.php

 

but session_username  is getting from product table, and _login_id is getting from users table.

 

both sessions are number

[dgnzcn]

I want this : in product page,  $_SESSION['_login_id'],  if different to $_SESSION['session_username'], then go to index.php

 

but session_username  is stored in product table, and _login_id is stored in users table.

 

both sessions are number

[wildteen88]

I have no idea what you're doing. You're just confusing the hell out of me.

 

Post your whole code here.

[dgnzcn]

soryy   my bad english language...

 

i have got the, two database table.

 

first table is : users table : _login_id, username, mail, name, activation, randomcode.

 

second table is : product table : id, product_name, session_user (this is same as user table _login_id, when user is registered recorded a user id also here)

 

i have a product_edit.php page for registered users.

 

in product_edit.php page i wanna this : sessions are, if _login_id different from session_user , then go to index.php

 

this is very simple, but i can not tell you. my bad language english

 

 

[wildteen88]

Right. So when the user successfully logs in you create the $_SESSION['_login_id'] variable? Correct.

 

If thats the case then you should be able to do

<?php
session_start();

// connect to mysql here

$query = "SELECT session_user FROM product_table WHERE session_user = '{$_SESSION['_login_id']}";
$result = mysql_query($query);

if($result)
{
    // session_user doesn't match $_SESSION['_login_id'] redirect to index.php
    if(mysql_num_rows($result) == 0)
    {
        header('Location: index.php');
    }
    // there is a match. Display the page
    else
    {
        echo 'session_user matches _login_id! Continue displaying rest of page!';
    }
}
else
{
    trigger_error('There is a problem with: mysql_error(), E_USER_ERROR);
}

?>

[dgnzcn]

giving error

 

Parse error: syntax error, unexpected T_STRING in  on line 34

[wildteen88]

Left off a quote, on line 34

    trigger_error('There is a problem with: ' . mysql_error(), E_USER_ERROR);

 

Also the query is wrong

$query = "SELECT session_user FROM product_table WHERE session_user = '{$_SESSION['_login_id']}";

It should be

$query = "SELECT session_user FROM product_table WHERE session_user = '{$_SESSION['_login_id']}'";