[SOLVED] Check mysql database for data

[monkeybidz]

Need to check if some info matches from mysql database in two tables to see if the current session user is on a friends list for the profile page he or she is viewing. If they do not exist in field, return an error. Here is the structure and what i got so far:

 

Table Name 1: sbdtng_favorites

Field: sb_uid

Field: sb_offer_id

 

Table Name 2: sbdtng_members

Field: sb_id

Field: sb_private

 

Just trying to basically see if:

$_SESSION['sbdtng_userid'] matches any id in $sb_offer_id for user $idsoftbiz only when $idsoftbiz has profile set to private.

 

$sql = "SELECT * FROM `sbdtng_favorites`, `sbdtng_members` WHERE sb_id='$idsoftbiz' AND sb_uid='$idsoftbiz' AND sb_private='Yes' AND sb_offer_id=$sb_offer_id ";


if($sb_private =='Yes' && $_SESSION['sbdtng_userid'] != $sb_offer_id){
  header("Location: gen_confirm.php?errmsg=".urlencode("This user has profile set to private. Only friends can view this page.<BR><a href=".addme_request.php.">Click here to request to be added.</a>"));
die();
}

[darkfreaks]

whats the problem with it?

[monkeybidz]

No results if private is set to yes. It will ignore the header location. This :sb_offer_id=$sb_offer_id is suppoesed to be this: sb_offer_id=$_SESSION['sbdtng_userid'] but will not recognize it for some reason

[darkfreaks]

try putting =! not the other way around

[monkeybidz]

Still no dice.

[darkfreaks]

<?php

if (!isset($_SESSION['generated']))
    $_SESSION['generated'] = time();
else { // if the session is not allowed to live more, regenerate it
    if (time() - $_SESSION['generated'] > ini_get('session.gc_maxlifetime'))
        $_SESSION = array('generated' => time());
}
?> 

try using if not isset else header

[monkeybidz]

The $_SESSION['sbdtng_userid'] is recognized fine by the page as a session user, the problem here is i need to find a match in database as sb_offer_id so if the session user does not match any in the sb_offer_id, they cannot view this page. This is just something i am trying to add-on.

[darkfreaks]

try using match in SQL like

 

WHERE MATCH (field1, field2) AGAINST ('$variable')

[monkeybidz]

That did not work either. I tried this, and it gets pretty close.

$sql = "SELECT * FROM sbdtng_members WHERE sb_id=$idsoftbiz AND sb_private=sb_private";

$res = mysql_query($sql);
$row = mysql_fetch_array($res);

$sb_private = $row['sb_private']; 

$sql2 = "SELECT * FROM sbdtng_favorites WHERE sb_uid=$idsoftbiz AND sb_offer_id=".$_SESSION["sbdtng_userid"];
$res2=mysql_query($sql2);
if(mysql_num_rows($res2) > 0 && $sb_private == 'Yes'){
    header("Location: gen_confirm.php?errmsg=".urlencode("This user has profile set to private. Only friends can view this page.<BR><a href=".addme_request.php.">Click here to request to be added.</a>"));
die();
}

 

What is wrong here? I think the problem lies here, but what do i know:

 

sb_offer_id=".$_SESSION["sbdtng_userid"];

[darkfreaks]

bad syntax try

 

WHERE sb_offer_id=$sb_offer_id

[monkeybidz]

Im going nuts with this thing. LOL!

 

I tried different senarios, and have determined that $_SESSION["sbdtng_userid"] is not being accepted in the query at all. Could it be because of the quotes?

 

I used it like this:

 

$sql2 = "SELECT * FROM sbdtng_favorites WHERE sb_uid=$idsoftbiz AND sb_offer_id=".$_SESSION["sbdtng_userid"];

 

Notice how i did not use bouble quote at the end, but used it in front of .$_SESSION["sbdtng_userid"]

 

Thats how the designers of this script have it throughout the site, and seems to work fine for whatever reasone everywhere else exept in this page.

 

Just need to check if sb_offer_id is like $_SESSION["sbdtng_userid"].

 

 

[darkfreaks]

well maybe your doing it wrong paste there query followed by your query and lets see if wecan find the  problem? ???

[monkeybidz]

I have changed the code up some more, but let me know if you see anything wrong.

 

$uid=$_SESSION["sbdtng_userid"];

$sb_sbq_off='select * from sbdtng_favorites where sb_uid=$idsoftbiz and sb_offer_id=$uid';	
$sbrs_off_softbiz=mysql_query($sb_sbq_off);
$softbiz_sbid_list='-1';
$softbiz_sbid_list.=",".$sbrow_off["sb_offer_id"];

$sbq1_offsoftbiz="select * from sbdtng_members where sb_offer_id in ($softbiz_sbid_list) and sb_suspended='no'";
$s_b_sbrs1_off=mysql_query($sbq1_offsoftbiz);

if($softbiz_sbid_list<>$uid && $sb_private == 'Yes'){
    header("Location: gen_confirm.php?errmsg=".urlencode("This user has profile set to private. Only friends can view this page.<BR><a href=addme_request.php? >Click here to request to be added.</a>"));
die();
}

 

[darkfreaks]

$sb_sbq_off="SELECT * FROM 'sbdtng_favorites' WHERE sb_uid=$idsoftbiz and sb_offer_id=$uid";
$sbrs_off_softbiz=mysql_query($sb_sbq_off);

 

 

what is the following code do?

 

$softbiz_sbid_list="-1";
$softbiz_sbid_list.=",".$sbrow_off["sb_offer_id"];

[darkfreaks]

this hsould solve it

 

<?php
$sb_sbq_off="SELECT * FROM sbdtng_favorites WHERE sb_uid IN
($idsoftbiz) and sb_offer_id IN($uid)";
$sbrs_off_softbiz=mysql_query($sb_sbq_off);?>

 

 

 

[monkeybidz]

That section was to look like this:

$softbiz_sbid_list='-1';
while( $sbrow_off=mysql_fetch_array($sbrs_off_softbiz) )
{
	$softbiz_sbid_list.=",".$sbrow_off["sb_offer_id"];
}

 

But, it returns:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result

[darkfreaks]

try using it as an associative array

 

using mysql_fetch_assoc

[monkeybidz]

$idsoftbiz is the id to the profile the $uid is trying to see. If $uid does not match they cannot view this members profile.

[darkfreaks]

<?php

if($uid!= $idsoftbiz) { echo "error"; } else { } ?>

[monkeybidz]

Well, I got a hold of the writers of the script, and found that they provide custom work. They have not gotten back to me yet, but i guess i will have to wait. I know it is hard for you guys to help others when you have no idea what we are talking about. Someone send me an email saying i should have just said it is like myspace, where if you are not a friend you cannot view profile.

 

Thanks a lot for your help. It is very appreciated.

I will post a result for those whom have doubts or are wondering what i was talking about. I am throwing in the towl for now and cracking open a brew.

[darkfreaks]

try my if statement first it says if the user id does not equal the profile id to error make sense?

[monkeybidz]

$uid is the visitor

$idsoftbiz is the id of the page the visitor is viewing for another user.

If the $uid is not $idsoftbiz friend list, which means $uid did not match to sb_offer_id in sb_uid row.

[darkfreaks]

<?php
$sb_sbq_off="SELECT * FROM sbdtng_favorites WHERE sb_uid IN
($idsoftbiz) and sb_offer_id IN($uid)";
$sbrs_off_softbiz=mysql_query($sb_sbq_off);?>

tell me if this works?

 

 

or even

 

 

$sb_sbq_off="SELECT * FROM sbdtng_favorites WHERE sb_uid=$idsoftbiz
  and sb_offer_id=$uid";

 

 

<?php ///if uid not equal sblist and set to yes
if($softbiz_sbid_list!=$uid || $sb_private == 'Yes'){
    header("Location: gen_confirm.php?errmsg=".urlencode
("This user has profile set to private. Only friends can view this page.
<BR><a href=addme_request.php? >Click here to request to be added.</a>"));
die();
}?>

[monkeybidz]

You got the idea in the second two codes, the most important one that i cannot get is sb_offer_id to match to $uid where $uid represents current $_SESSION["sbdtng_userid"] or else error

[darkfreaks]

that would be if it does not match to say "this profile is set to private" right? so you need another statement that says if it does match no error but display it?