Jump to content

Recommended Posts

I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own.  Tell me what codes would be helpful and i will send them on in.  By the way, i do have a script that allows members to edit own profile.

Post the current code you have (I know you have some ;P).

here code from other thread:

<?php
session_start(); // Must start session first thing
/*
Created By Adam Khoury @ [url=http://'http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
// Here we run a login check
if (!isset($_SESSION['id'])) {
echo 'Please <a href="login.php">log in</a> to access your account';
exit();
}
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];

// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' limit 1");
while($row = mysql_fetch_array($sql)){
$id = $row['id'];

}



// Process the form if it is submitted
if ($_POST['rank']) {
      $badges = $_POST['badges'];
   $rank = $_POST['rank'];
$sql = mysql_query("UPDATE scoutinfo SET   badges='$badges', rank='$rank', id='$id'");
printf("Records updated: %d\n", mysql_affected_rows())
;


exit();
} // close if post
?>


 

and here edit profile:

<?php
session_start(); // Must start session first thing
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
// Here we run a login check
if (!isset($_SESSION['id'])) {
echo 'Please <a href="login.php">log in</a> to access your account';
exit();
}
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];



// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
        <li class="TabbedPanelsTab" tabindex="0">My Info</li>
        <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
        <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
  </ul>
      <div class="TabbedPanelsContentGroup">
        <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
  <table align="center" cellpadding="8" cellspacing="8">
   <tr>   <?php if ($accounttype == "Scout") {
?>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr><?php
   }
  ?>
      
      
   <tr>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td>Phone Number:</td>
      <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Address:</div></td>
      <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td>
      </tr>
    <tr>
      <td><div align="right">City:</div></td>
      <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">State:</div></td>
      <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Zip Code:</div></td>
      <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">Email:</div></td>
      <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td>
      </tr> 
    <tr>
      <td><div align="right">Cell Phone:</div></td>
      <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td class="aaaaaaa">Username:</td>
      <td><label for="username"></label>
        <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/>
        </td>
    </tr>
    <tr>
      <td class="aaaaaaa"> </td>
      <td><label for="accounttype"></label> 
        <input type="submit" name="submit" id="submit" value="Save" /></td>
    </tr>
    </table>
  </form>  
        </div>
        <div class="TabbedPanelsContent">
          <label for="badges"></label>
          <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
        </div>
        <div class="TabbedPanelsContent">
          <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
        </div>
      </div>
    </div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

You also need to define exactly what you want to happen at each step and what you want your user interface to be.

 

For example, if the current visitor is logged in and is an admin, how do you want to let him pick between editing his own profile or picking one of the other user's profile to edit and how does he go about picking which user to edit?

I have a member search file:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<style type="text/css">
#apDiv8 {
position:absolute;
left:1074px;
top:254px;
width:139px;
height:33px;
z-index:7;
}
#apDiv9 {
position:absolute;
left:813px;
top:225px;
width:142px;
height:65px;
z-index:7;
}
</style>
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="apDiv9"></div>
  <div id="apDiv8"></div>


<style type="text/css">

table {
background-color: #FCF;
}
th {
width: 150px;
text-align: left;
}
</style>

<h1>Member Search</h1>
<p><a href="join_form.php">New Member</a></p>
<form method="post" action="search1.php">
<input type="hidden" name="submitted" value="true" ?/>

<label>Search Category:

<select name="category">
<option value="name">Name</option>
<option value="username">Username</option>
<option value="email">Email</option>
<option value="phone">Phone Number</option>
</select>
</label>

<label>Search Criteria: <input type="text" name ="criteria" /> </label>

<input type="submit" />


</form>

<?php
if (isset($_POST['submitted'])) {
include('connect1.php');
$category = $_POST['category'];
$criteria = $_POST['criteria'] ;
$query = "SELECT * FROM members WHERE $category LIKE '%".$criteria."%'";
$result = mysqli_query($dbcon, $query) or die('error getting data');
$num_rows = mysqli_num_rows($result);
echo "$num_rows results found";
echo "<table>";
echo "<tr><th>Name</th> <th>Username</th> <th>Phone Number</th> <th>Email</th></tr>";
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
echo "<tr><td>";
echo "<a href=\"myprofile.php?id=".$row['id']."\">".$row['name']."</a>";
echo "</td><td>";
echo $row['username'];
echo "</td><td>";
echo $row['phone'];
echo "</td><td>";
echo $row['email'];
echo "</td></tr>";
}
echo "</table>";
}
?>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

so what session should I set then?  here is login form page where all sessions start:

<?php
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
if ($_POST['username']) {
//Connect to the database through our include
include_once "connect_to_mysql.php";
$username = stripslashes($_POST['username']);
$username = strip_tags($username);
$username = mysql_real_escape_string($username);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Get member ID into a session variable
$id = $row["id"];
session_register('id');
$_SESSION['id'] = $id;
// Get member username into a session variable
$name = $row["name"];
session_register('name');
$_SESSION['username'] = $username;
// Get member userlevel into a session variable
$userlevel = $row["userlevel"];
session_register('userlevel');
$_SESSION['userlevel'] = $userlevel;
// Update last_log_date field for this member now
mysql_query("UPDATE members SET lastlogin=now() WHERE id='$id'");
// Print success message here if all went well then exit the script
header("location: news.php?");
exit();
} // close while
} else {
// Print login failure message to the user and link them back to your login page
print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
exit();
}}
?>

Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do.

 

1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing?

 

2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor.

 

The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page.

Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do.

 

1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing?

 

2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor.

 

The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page.

Can you give me the exact line and how to do it?  I think I know where, and i tried changing it, but now it doesn't pull any id.

I need to know how to allow admin to essentially be "all users" ...

 

^^^ You have been told how to do that. We are not here to write your code for you and it will take more than changing a couple of lines of code. It will take some actual programming effort.

 

Have you modified (and tested) your code to use a GET parameter to specify which profile to display/edit/update, modified (and tested) your code to cause any links to be built with that GET parameter on them, and then to add (and test) the logic to determine what actions the current visitor can do on any of the relevant pages, depending on if he is a regular member and the profile is his or he is an administrator?

I need to know what line(s) exactly need to be changed to get.  I tried changing one line in the search code to get but now it pulls no id.  The address it goes to is .../myprofile.php?id= and then no Id.  I am pretty sure it has to do with session variable. But if I try to changethe variable no content displays then.  I need to know where to put get and if the session variable could cause this.  Thanks in advance for any help.

You need to understand an id first.

 

we setup a databse like so

 

userid ((who the user is))

name (( user's name

dob (users date of birth

tel ((users telephone number

date ((date a note is made

time (a time a note is made

notes (notes))

 

We give users  a userid in a datadabes, so we no who they are.

 

lets say a user can comment, on a note a user is showwing.

 

we need a new database colum for comments.

 

commentid ((this is the id of the commment

userid ((this is the person who wrote the comment

comment ((this is the comment

noteid(this is the userid of notes

date_of_note (this is date of note commenting on

time_of_note((this is time of note commenting on

date (this is the date of comment

time ((this is the time of comment

 

you read a note , and use a link to comment on the note,

fill in a form to comment, in the form your have hidden values,

date_of_note and time_of_note, and noteid.

 

know you can select a specific note, and see comments, form a single user easly.

 

There more to it, but there the basic idea, to get info about others, or even join info together. via a id...

 

----------------

 

Your jumping before you can walk.

 

Your trying to create a advance membership system, before knowing how a standard username and password system works.

 

it simple setup like this

 

members_power ((table name

 

member_id (members id from reg)

member_auth (what the member is 1=admin 2=user)

 

it  a big clue........

 

 

so now I am able to get it to use correct id, only problem is, it completely switches users!!!!!!!  please help:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$userid = $_SESSION['id'];
?>
<?php
// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'");
$sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE userid=".$_GET['userid']."");
while($row = mysql_fetch_array($sql)){
$userid = $row["userid"];
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
        <li class="TabbedPanelsTab" tabindex="0">My Info</li>
        <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
        <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
  </ul>
      <div class="TabbedPanelsContentGroup">
        <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
  <table align="center" cellpadding="8" cellspacing="8">
   <tr>   <?php if ($accounttype == "Scout") {
?>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr><?php
   }
  ?>
      
      
   <tr>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td>Phone Number:</td>
      <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Address:</div></td>
      <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td>
      </tr>
    <tr>
      <td><div align="right">City:</div></td>
      <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">State:</div></td>
      <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Zip Code:</div></td>
      <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">Email:</div></td>
      <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td>
      </tr> 
    <tr>
      <td><div align="right">Cell Phone:</div></td>
      <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td class="aaaaaaa">Username:</td>
      <td><label for="username"></label>
        <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/>
        </td>
    </tr>
    <tr>
      <td class="aaaaaaa"> </td>
      <td><label for="accounttype"></label> 
        <input type="submit" name="submit" id="submit" value="Save" /></td>
        <input name="userid" type="text" value="<?php echo "$userid"; ?>" />
    </tr>
    </table>
  </form>  
        </div>
        <div class="TabbedPanelsContent">
          <label for="badges"></label>
          <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
        </div>
        <div class="TabbedPanelsContent">
          <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
        </div>
      </div>
    </div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

All right, I am able to get the correct content to come up if there is no session set.......duh.  So here is code I have it sets a session, but that is not the session I want.....I want userid not userid1 to be it............but that is the only way I can get info to display.  Here is php code for the profile edit page:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$userid1 = $_SESSION['id'];
?>
<?php
// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'");
$sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>


<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM editinfo WHERE userid1=".$_GET['userid1']."");
while($row = mysql_fetch_array($sql)){
$userid1 = $row["userid1"];
$name1 = $row["name1"];
$phone1 = $row["phone1"];
$username1 = $row["username1"];
$address1 = $row["address1"];
$city1 = $row["city1"];
$state1 = $row["state1"];
$zip1 = $row["zip1"];
$cell1 = $row["cell1"];
$email1 = $row["email1"];
$accounttype1 = $row["accounttype1"];
$rank1 = $row["rank1"];
$badges1 = $row["badges1"];
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
</head>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE userid='userid'");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6">
<div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
    <li class="TabbedPanelsTab" tabindex="0">My Info</li>
    <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
    <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
    </ul>
  <div class="TabbedPanelsContentGroup">
    <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
      <table align="center" cellpadding="8" cellspacing="8">
        <tr>   <?php if ($accounttype == "Scout") {
?>
          <td><div align="right">Name:</div></td>
          <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td>
          </tr><?php
   }
  ?>
        
        
        <tr>
          <td><div align="right">Name:</div></td>
          <td><input name="name" type="text" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td>Phone Number:</td>
          <td><input name="phone" type="text" id="phone" value="<?php echo "$phone1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td><div align="right">Address:</div></td>
          <td><input name="address" type="text" id="address" value="<?php echo "$address1"; ?>" size="30" maxlength="24" /></td>
          </tr>
        <tr>
          <td><div align="right">City:</div></td>
          <td><input name="city" type="text" id="city" value="<?php echo "$city1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td><div align="right">State:</div></td>
          <td><input name="state" type="text" id="state" value="<?php echo "$state1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td><div align="right">Zip Code:</div></td>
          <td><input name="zip" type="text" id="zip" value="<?php echo "$zip1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td><div align="right">Email:</div></td>
          <td><input name="email" type="text" id="email" value="<?php echo "$email1"; ?>" size="30" maxlength="64" /></td>
          </tr> 
        <tr>
          <td><div align="right">Cell Phone:</div></td>
          <td><input name="cell" type="text" id="cell" value="<?php echo "$cell1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td class="aaaaaaa">Username:</td>
          <td><label for="username"></label>
            <input name="username" type="text" id="username" value="<?php echo "$username1"; ?>"/>
            </td>
          </tr>
        <tr>
          <td class="aaaaaaa"> </td>
          <td><label for="accounttype"></label> 
            <input type="submit" name="submit" id="submit" value="Save" /></td>
          <input name="userid" type="text" value="<?php echo "$userid1"; ?>" />
          </tr>
        </table>
      </form>  
      </div>
    <div class="TabbedPanelsContent">
      <label for="badges"></label>
      <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
      </div>
    <div class="TabbedPanelsContent">
      <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
      </div>
    </div>
</div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
</div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
</html>

 

Here is the login page where all the variables are intitialized!!!!!

<?php
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
if ($_POST['username']) {
//Connect to the database through our include
include_once "connect_to_mysql.php";
$username = stripslashes($_POST['username']);
$username = strip_tags($username);
$username = mysql_real_escape_string($username);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM sessions WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Get member ID into a session variable
$id = $row["id"];
session_register('id');
$_SESSION['id'] = $id;
// Get member username into a session variable
$name = $row["name"];
session_register('name');
$_SESSION['username'] = $username;
// Get member userlevel into a session variable
$userlevel = $row["userlevel"];
session_register('userlevel');
$_SESSION['userlevel'] = 9;
// Update last_log_date field for this member now
mysql_query("UPDATE sessions SET lastlogin=now() WHERE id='$id'");
// Print success message here if all went well then exit the script
header("location: news.php?");
exit();
} // close while
} else {
// Print login failure message to the user and link them back to your login page
print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
exit();
}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template3.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Member Login</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:203px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:244px;
width:254px;
height:80px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:367px;
width:256px;
height:65px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:285px;
width:250px;
height:61px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:339px;
top:199px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:325px;
top:184px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:326px;
width:266px;
height:83px;
z-index:6;
}
</style>
<script type="text/javascript">
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
</head>

<body onload="MM_preloadImages('button/register2.png','button/login2.png')">
<div id="apDiv1"><a href="pictures.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image2','','button/register2.png',1)"><img src="button/pictures1.png" name="Image2" width="300" height="50" border="0" id="Image2" /></a></div>

<div id="apDiv2"><a href="login.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/login2.png',1)"><img src="button/login1.png" name="Image3" width="300" height="50" border="0" id="Image3" /></a>
  <div id="apDiv4"></div>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->


<script type="text/javascript">
<!-- Form Validation -->
function validate_form ( ) { 
valid = true; 
if ( document.logform.username.value == "" ) { 
alert ( "Please enter your User Name" ); 
valid = false;
}
if ( document.logform.pass.value == "" ) { 
alert ( "Please enter your password" ); 
valid = false;
}
return valid;
}
<!-- Form Validation -->
</script>

     <div align="center">
       <h3><br />
         <br />
       Log in to your account here<br />  
       <br />
       </h3>
     </div>
     <table align="center" cellpadding="5">
      <form action="login.php" method="post" enctype="multipart/form-data" name="logform" id="logform" onsubmit="return validate_form ( );">
        <tr>
          <td class="style7"><div align="right">Username:</div></td>
          <td><input name="username" type="text" id="username" size="30" maxlength="64" /></td>
        </tr>  
        <tr>
          <td class="style7"><div align="right">Password:</div></td>
          <td><input name="password" type="password" id="password" size="30" maxlength="24" /></td>
        </tr>
        <tr>
          <td> </td>
          <td><input name="Submit" type="submit" value="Login" /></td>
        </tr>
      </form>
    </table>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"></div><img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

 

 

If you could help me figure out the correct code for this so that the PHP tags work such as in the places where buttons show only if your accounttype is Admin (which needs session, duh)  that would be so, so, so great!!!!!!!!!!!!!!!!!!!!!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.