Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
cougarslam
Starting Member
1 Post |
 Posted - 2006-08-11 : 09:31:52
|
| I'm having a problem getting an sql statement in a php page to workbasically the problem is i am trying to make it so it will only allow a user to access it when a field in the admin table is set to "admin"the problem is that it has to detect which user is logged in then check the usertype field in the admin part of the database so it can get this info. if it finds the usertype is not admin it should kill the application and show a message so the user needs to be admin.i got it to do this but it does not detect whetehr the user is admin so it auto kills the application.if they are admin they should have access to the page as normal.i have tried messing round with my sql statement and code but to no avail any help would be appreciated <? include ("functions/include_fns.php");check_valid_user($_SERVER['PHP_SELF']);$conn = db_connect();$title = "news";if (isset($_POST["delete"])) { $message = delete_entries($title, $_POST["deleted"]);}if (isset($_POST["update_status"])) { $status = $_POST["status"]; $message = update_status($title, $status);}$sql = "select id, title, syn, img1, img2, unix_timestamp(ndate) status from news order by unix_timestamp(ndate)";$result = mysql_query($sql, $conn);$sql2 = "select usertype from admin where username = $username order by usertype";$result2 = mysql_query($sql2, $conn);do_header(ucfirst($title));?> <h1><? echo ucfirst($title);?></h1> <? if ($admin[usertype] != "admin") {?> <p class="error"><? die ('you need to be an administrator to access this page');?></p> <? } ?> <? if ($message != "") {?> <p class="error"><? echo $message;?></p> <? } ?> <p><img src="images/arrow_add.gif" width="14" height="14" border="0"> <a href="add_<? echo $title;?>.php"><b>Add<? echo ucfirst($title);?></b></a></p> <form action="<? echo $title;?>.php" method="post" name="<? echo $title;?>_form"> <table cellpadding="3" cellspacing="2" bgcolor="#FFFFFF"> <tr class="table_head"> <td width="30"></td> <td width="230"><b>Title</b></td> <td width="230"><b>Synopsis</b></td> <td width="80"><b>Date</b></td> <td width="50" align="center"><b>Visible</b></td> <td width="50" align="center"><b>Delete</b></td> </tr> <? $x = 0; while ($row = mysql_fetch_array($result)) {?> <tr bgcolor="#F3F3F3" onMouseOver="this.bgColor='#FFF9A1';" onMouseOut="this.bgColor='#F3F3F3';"> <td align="center"><a href="edit_<? echo $title;?>.php?id=<? echo $row[id];?>"><b>Edit</b></a></td> <td><? echo $row[1];?></td> <td><? echo substr($row[2],0,50);?>...</td> <td><? echo date("d/m/Y", $row[5]);?></td> <td align="center"><input type="checkbox" name="status[]" value="<? echo $row[id];?>" <? if ($row[6] == 1) { echo "checked"; }?> ></td> <td align="center"><input type="checkbox" name="deleted[]" value="<? echo $row[0];?>"></td> </tr> <? $x++; }?> <tr> <td></td> <td></td> <td></td> <td></td> <td><input type="submit" value="Update" name="update_status"></td> <td><input type="submit" value="Delete" name="delete" onClick="javascript:return del_entry('the selected news articles?');"></td> <td> </td> <td> </td> </tr> </table> </form><? do_footer();?> |
|
|
Vinnie881
Master Smack Fu Yak Hacker
1231 Posts |
Posted - 2006-08-11 : 21:31:31
|
| <? if ($Admin[usertype] != "admin") {?>shouldn't that line read <? if ($Result2[usertype] != "admin") {?> |
 |
|
|
madhivanan
Premature Yak Congratulator
22864 Posts |
Posted - 2006-08-14 : 12:47:13
|
| Please post your question at relevent forumMadhivananFailing to plan is Planning to fail |
|
|
|
|
|
|
|
|
sql check value in a field