Hi.. Good day..

thank you for viewing my thread.. i would like to ask my fellow frens in daniweb to help me to validate access in my assignment system...

currently my database is like this:

Assignment_id  |  Assignment_name  |  Member                |  Remarks
     1                 test 1         John, Sue, Veronica        ok ok
     2                 test 2         Sue, John                   ....
     3                 test 3         James, Robert, John

Current my system allow all user to edit their assignments details including other group assignments. So right now, im trying to find a way on how to validate the user access which only allow registered member can edit their own assignment based on their login ID (session). let say:

1. John can only edit Assignment_id #1, #2, #3 (login as John)
2. Sue can only edit Assignment_id #1, #2 (login as Sue)
3. James can only edit Assignement_id #3 (login as James)
etc.....

my idea is just want to make the textbox is editable for registered member and readonly for unregistered member.

i've constructed few dummy functions but still failed to validate the user session with his/her assignments. I've found that (as a beginner), this is very complicated because the table field for member is in one row e.g. sue, john, veronica. Below is one of my unsuccessful function:

$catch_s = $_SESSION[admin_uname]; //from session login
$new_array = $myrow2['cag_member']; //this is from database (sue, john, veronica)
$qtrim = explode(', ',$new_array); 
foreach($qtrim as $value)
   {
      if($value!=NULL){
      if ($value == $catch_s){
      echo "YES! 5 6 7 8 <br/>";} //should be in real system, textbox can be edited
      else { echo "NO! 1 2 3 4<br/>"; //should be in real system, textbox is readonly
      }
      }
   }

I've tested above function for assignment #1 and login as Sue, and the output is

NO! 1 2 3 4
YES! 5 6 7 8
NO! 1 2 3 4

I need your expert and kind assistance to construct a coding or at least dummy one to show on how to validate this type of situation.

Thank you very much. :)

you may find thing in the sql query itself

$query="select assignment_id, assignment_name, members, remarks, 
if(  instr(members,'$catch_s')>0 , 1, 0 ) as allowedit 
from assignment_table";

.
.
..other code
.
.
.

if ( $myrow2['allowedit']=='1')
    echo "yes";
else 
    echo "no";

thank you for your reply sir,

need your kind assistance to explain more about the below sql query.

if(  instr(members,'$catch_s')>[B]0 , 1, 0[/B] )

thank you

suppose $catch_s= 'john'

so instr(members,'john') will return you position of 'john' in members column. if it finds john in members columns it will return non zero value, if it did not find john in member column it will return 0

if we found john in member column we set allowedit to 1 for that row, the row in which members do not have john it will set allowedit to 0,

this allowedit flag we can use in our php code to enable/disable html element or whatwever we want.

thank you very much sir..

make a query from the session your are logget in with

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.