filter mysql reults in my browser using php

[andybrooke]

Hi.

Im using the following script that looks up a table on my phpMySQL database and displays the whole table!

I am Trying to create an online tracker, i want to only display in the browser the fields that are relevent to who ever is logged on.

(they logon and sessions are set : $_SESSION['User']  which i believe to be 'Username' in my table)

 

i have pasted the whole script below but i pressume the line i need help with is

$result = mysql_query( "SELECT Userid, ClientName, DateOfAction, Action, Status FROM OnlineTracker" )

 

does anyone have any idea what the code would be to filter the results to only show the data that is specific to the 'user' that is loged in?

 

the script below show the entire data in the browser and doesnt filter it down to the user.

 

Hope you can help!!!

 

<?php

$database="db231930750";

mysql_connect ("**************", "***********", "**********");

@mysql_select_db($database) or die( "Unable to select database");

$result = mysql_query( "SELECT Userid, ClientName, DateOfAction, Action, Status FROM OnlineTracker" )

or die("SELECT Error: ".mysql_error());

$num_rows = mysql_num_rows($result);

print "There are $num_rows records.<P>";

print "<table width=900 border=1>\n";

while ($get_info = mysql_fetch_row($result)){

print "<tr>\n";

foreach ($get_info as $field)

print "\t<td><font face=arial size=1/>$field</font></td>\n";

print "</tr>\n";

}

print "</table>\n";

?>

[priti]

Hi,

 

what you mean by 'relevent to who ever is logged on'. if it is somethng to do with empty data then you can simply check and show

 

i.e

while ($get_info = mysql_fetch_row($result)){

print "<tr>\n";

foreach ($get_info as $field)

{

if(trim($field) != '')

{

    print "\t<td><font face=arial size=1/>$field</font></td>\n";

}

}

print "</tr>\n";

 

Or if you are talking with fields which are applicable to the user then you have to fetch only those fields i.e in your select statement.

 

Regards

 

}

 

[andybrooke]

Hi. What i mean by relevent is, i have a number of clients who pass me business. they all want to keep track of there own cases they have passed to me so to solve this i am attempting to create an online tracker. i have made the table on mysql and i can display everything in this table on my browser BUT

i only want to display the information that is relevent to who ever is logged in. they log in using a username and password. i pressume that the username is storred somewere so i want the code above to filter the rows to show only those rows that are connected to that user.

 

hope this makes it clearer

[adam291086]

well, you can use sessions. When the user logins in set a session to = the username. Then when you pull all the information from the database you can use the WHERE clause.

 

In you database i persume you have linked the cases to each user. This will need to be the case for the above idea to work.

[andybrooke]

Hi. I have tried the WHERE clause but cant get that to work. but i might be getting the code wrong. what would you suggest i use as the code?

[andybrooke]

If it is not possible or to comlex to get the code to only display the rows aplicable to the logged in 'user' then could i have a search page that asked you for "your username" then on submit this would display the rows that match your "username" if this is a simpler solution would anyone be able to help me out with what the code for this would be?

[adam291086]

when the user logs in do you store there information in a session. If so what is that session?

[andybrooke]

hi. soory if this is a pain for you!!!!!

 

i am not sure but i have pasted the login php below if this helps.

 

<?php

 

require 'files/header.inc.php';

 

if ( isset($_SESSION['User']) )

{

echo "You are already logged in.. redirecting\n";

echo "<meta http-equiv=\"refresh\" content=\"1;url=members.php\">\n";

} else {

if ( !isset($_POST['username']) || !isset($_POST['password']) )

{

echo "Login:<br />\n";

echo "<form method=\"post\" action=\"index.php\">\n";

echo "Username: <input type=\"text\" name=\"username\"><br />\n";

echo "Password: <input type=\"password\" name=\"password\"><br />\n";

echo "<input type=\"submit\" value=\"Login\"><br />\n";

echo "</form>\n";

echo "<a href=\"register.php\">Create an account!</a>";

} else {

$username = addslashes($_POST['username']);

$password = sha1(addslashes($_POST['password']));

$ret = mysql_query("SELECT * FROM $dbtable WHERE UserName = '$username' AND UserPass = '$password' LIMIT 1");

if (@mysql_num_rows($ret) != 0)

{

$ret = mysql_fetch_array($ret);

$_SESSION['User'] = $ret;

$username = $_SESSION['User']['UserName'];

echo "Welcome back $username.. redirecting\n";

echo "<meta http-equiv=\"refresh\" content=\"1;url=members.php\">\n";

} else {

echo "Sorry, Incorrect Login Information\n";

}

}

}

 

 

 

echo "</body>\n</html>\n";

 

?>

[adam291086]

change

 

 if (@mysql_num_rows($ret) != 0)
     {
        $ret = mysql_fetch_array($ret);
        $_SESSION['User'] = $ret;
        $username = $_SESSION['User']['UserName'];
        echo "Welcome back $username.. redirecting\n";
        echo "<meta http-equiv=\"refresh\" content=\"1;url=members.php\">\n";
     }

 

to

 

 if (@mysql_num_rows($ret) != 0)
     {
        $ret = mysql_fetch_array($ret);
        $_SESSION['User'] = $username;
        $username = $_SESSION['User']['UserName'];
        echo "Welcome back $username.. redirecting\n";
        echo "<meta http-equiv=\"refresh\" content=\"1;url=members.php\">\n";
     }

 

 

then where you want the info for the specific user do something like

 

$username = $_SESSION['username'];
$result = mysql_query("SELECT * FROM person
WHERE username='$username'");

[andybrooke]

ok! thanks i will give this a try

[adam291086]

don't forget to have session_start(); at the top of every page when you using sessions.

[andybrooke]

Tried that, however it's still not working...

 

It brought up that there were no records initially, which was true, but when I added a record, it didn't bring that up.

 

session_start() hasn't done anything either...

 

Any ideas please mate?