Jump to content


DanEthical

Member Since 22 Dec 2016
Offline Last Active May 14 2018 09:00 AM

Posts I've Made

In Topic: Displaying Data to Specific User

25 April 2018 - 01:55 PM

That would be "an extra column".

Now you need to revert this query back to a prepared one so you avoid un-filtered input being used.

Will do.

 

Thank you


In Topic: Displaying Data to Specific User

25 April 2018 - 01:49 PM

You cannot reference a name that is NOT defined in the tables being used in the query. Doh!

hahaha Yep, this deserves Best Answer LOL, silly Irish boy here. Well, learnt something new. Thanks again.


In Topic: Displaying Data to Specific User

25 April 2018 - 01:42 PM

Got it.

 

You guys are awesome.

On submitting the form to add a new Maintenance Request, I have added an extra row for username. This tells the request who is logged in and what data to display.

	$sql = "INSERT INTO `maintenance_requests`(`driver_name`, `driver_email`, `fleet_number`, `speedo_reading`, `submit_date`, `issue_name`, `issue_description`, `issue_status`, `issue_priority`,`username`) VALUES ('".$driver_name."','".$driver_email."', '".$fleet_number."','".$speedo_reading."','".$submit_date."','".$issue_name."', '".$issue_description."', 'Open', 'Medium','".$username."')";
	$link->query($sql) or die("Cannot Insert");//update or error
	}

Then, displaying the data:

$sql = "SELECT issue_id, driver_name, submit_date, fleet_number, issue_name, issue_description, issue_priority, issue_status FROM maintenance_requests WHERE username = '" . $_SESSION['username'] . "'";
//  CREATE THE QUERY STATEMENT ITSELF BY ITSELF!

$stmt = $link->prepare($sql);
if(!$stmt)
{
	//	YOU NEED TO HANDLE THE POSSIBILITY OF FAILURE HERE
	ECHO 'PREPARE STATEMENT FAILED';
	EXIT();
}
ELSE
{
    // YOU NEED A BIND STATEMENT HERE TO ASSIGN A VALUE TO THAT ? PARAMETER.
	if (!$stmt->execute())
	{
		//  HANDLE FAILURE OF THE EXECUTE HERE
		ECHO 'EXECUTE STATEMENT FAILED';
		EXIT();
	}
	ELSE
	{
		$stmt->bind_result($issue_id, $driver_name, $submit_date, $fleet_number, $issue_name, $issue_description, $issue_priority, $issue_status);
		while($stmt->fetch()) 
		{
			$code=<<<heredocs
			<tr class="odd gradeX">
			<td class="text-center">$issue_id</td>
			<td class="text-center">$driver_name</td>
			<td class="text-center">$submit_date</td>
			<td class="text-center">$fleet_number</td>
			<td class="text-center">$issue_name</td>
			<td class="text-center">$issue_description</td>
			<td class="text-center">$issue_priority</td>
heredocs;
			echo $code;
			if($issue_status == "Pending")
			{
				echo "<td class='text-center warning'>$issue_status</td>";
			}
			else if($issue_status == "Open")
			{
				echo "<td class='text-center danger'>$issue_status</td>";
			}
			else if($issue_status == "Repaired")
			{
				echo "<td class='text-center success'>$issue_status</td>";
			}
			echo '</tr>';
		}
	}
}
?>

WHERE username = '" . $_SESSION['username'] . "'";

 

Is what was needed.

I have logged in as two different users and it only displays the data they have submitted.

 

Thank you all so much. Major obstacle overcome.


In Topic: Displaying Data to Specific User

25 April 2018 - 01:22 PM

So there's no column in the database which ties the user's data to a specific user? If not, that will need to be your next step.

The username is tied to the logged in user. $username is in a session in the users table.


In Topic: Displaying Data to Specific User

25 April 2018 - 01:17 PM

No, username is not in this table. I am trying to get the data that username has submitted. I am presuming that having $_SESSION['username'] will help identify what user submitted it? 

 

Sure. Here is the whole file including the rewritten code from ginerjm:

<?php
require_once('templates/header.php');
require_once('templates/sidebar.php');
?>

        <div id="page-wrapper" >
            <div id="page-inner">
                <div class="row">
                    <div class="col-md-12">
                     <h2><i class="fa fa-wrench"></i> Maintenance Requests </h2>
                     <h5>Issues are dealt with in priority order and are removed from the system three months after repair. </h5>
                    </div>
                </div>
                 <!-- /. ROW  -->
                 <hr />
            <div class="row">
                <div class="col-md-12">
                     <!-- Advanced Tables -->
                    <div class="panel panel-default">
                        <div class="panel-heading">
                             <i class="fa fa-info"></i> Listed below are the Maintenance Requests you have submitted and their current status.
                        </div>
                        <div class="panel-body">
                            <div class="table-responsive">
                                <table class="table table-striped table-bordered table-hover" id="bookings_table">
                                    <thead>
                                        <tr>
                                            <th class="text-center">Issue ID</th>
                                            <th class="text-center">Driver Name</th>
                                            <th class="text-center">Date Submitted</th>
                                            <th class="text-center">Fleet Number</th>
                                            <th class="text-center">Issue</th>
                                            <th class="text-center">Description</th>
                                            <th class="text-center">Priority</th>
                                            <th class="text-center">Status</th>
                                        </tr>
                                    </thead>

                                    <tbody>
<?php
$check = isset($_SESSION['username']);
// WHAT IS THE POINT OF THE ABOVE STATEMENT IF YOU NEVER ANALYZE THE RESULT?

$sql = "SELECT issue_id, driver_name, submit_date, fleet_number, issue_name, issue_description, issue_priority, issue_status FROM maintenance_requests WHERE username = ?";
//  CREATE THE QUERY STATEMENT ITSELF BY ITSELF!

$stmt = $link->prepare($sql);
if(!$stmt)
{
// YOU NEED TO HANDLE THE POSSIBILITY OF FAILURE HERE
ECHO 'PREPARE STATEMENT FAILED';
EXIT();
}
ELSE
{
    // YOU NEED A BIND STATEMENT HERE TO ASSIGN A VALUE TO THAT ? PARAMETER.
if (!$stmt->execute())
{
//  HANDLE FAILURE OF THE EXECUTE HERE
ECHO 'EXECUTE STATEMENT FAILED';
EXIT();
}
ELSE
{
$stmt->bind_result($issue_id, $driver_name, $submit_date, $fleet_number, $issue_name, $issue_description, $issue_priority, $issue_status);
while($stmt->fetch()) 
{
$code=<<<heredocs
<tr class="odd gradeX">
<td class="text-center">$issue_id</td>
<td class="text-center">$driver_name</td>
<td class="text-center">$submit_date</td>
<td class="text-center">$fleet_number</td>
<td class="text-center">$issue_name</td>
<td class="text-center">$issue_description</td>
<td class="text-center">$issue_priority</td>
heredocs;
echo $code;
if($issue_status == "Pending")
{
echo "<td class='text-center warning'>$issue_status</td>";
}
else if($issue_status == "Open")
{
echo "<td class='text-center danger'>$issue_status</td>";
}
else if($issue_status == "Repaired")
{
echo "<td class='text-center success'>$issue_status</td>";
}
echo '</tr>';
}
}
}
?>
                                    </tbody>

                                </table>
                                <a href="submit-request.php"><button class="btn-default">New Request</button></a>
                            </div>
                            
                        </div>
                    </div>
                    <hr>
                    <!--End Advanced Tables -->
                </div>
            </div>
            </div>
                <!-- /. ROW  -->

    </div>
             <!-- /. PAGE INNER  -->
            </div>
         <!-- /. PAGE WRAPPER  -->
        </div>
     <!-- /. WRAPPER  -->
<?php
require_once('templates/footer.php');
?>

 

Thanks guys.