Hi all,

Newbie question;....
I have a database and a table within called 'data'..
I also have a login script that allows users to access it. My question is..how do I make only the user's record viewable/accessible after login. Specifically, how do I access, the a specific record in the database using php code??? ... Some of my variables are $email, $phone, $address.....etc..

I want to display only the users data when they login and I want then to be able to update it...

Hope you can help me a little..

When you set up your SQL statement add a WHERE clause to restrict it to the current user.

let's say that the logged on user is in the $user variable. you would code it something like this.

$sql = 'SELECT * FROM data WHERE userID ='" . $user ."'"

You should probably substitute the field names you need for the *, but not knowing the layout of your data table this will retrieve everything from that table.

If you are using an MySQL database then you would want to execute the query like this:

//using mysqli functions
$result = mysqli_query($sql);

// using mysql functions
#result = mysql_query($sql);

You can find documentation and examples for mysqli functions here.
You can find documentation and examples for mysql functions here.

Thanks very much. I think I am beginning to understand a little more...
One question..suppose I named the variable in my 'data' table as 'memberid'...
would I need to make the code read:

$sql = 'SELECT * FROM data WHERE memberid ='" . $memberid ."'"

?

or is $user a variable that I can change the name of and have set to user input in the login page?

I am confused with the difference between 'userID' and '$user'...


_________________________________________________________________

When you set up your SQL statement add a WHERE clause to restrict it to the current user.

let's say that the logged on user is in the $user variable. you would code it something like this.

$sql = 'SELECT * FROM data WHERE userID ='" . $user ."'"

You should probably substitute the field names you need for the *, but not knowing the layout of your data table this will retrieve everything from that table.

If you are using an MySQL database then you would want to execute the query like this:

//using mysqli functions
$result = mysqli_query($sql);

// using mysql functions
#result = mysql_query($sql);

You can find documentation and examples for mysqli functions here.
You can find documentation and examples for mysql functions here.

Your coding example is correct as long as the variable $memberid holds the correct ID number for the current user/member.

In my example the userID is the column name in the database, the $user is a php variable that holds the user/memeber's id.

I am not sure where you are holding the user information once the user has signed in, but in order to have access to this information on every page and eve subsequent requests to the same page you will have to put this information into session or cookie variables. Session variables might make the most sense.

<?php
session_start();    // required for session variables

$_SESSION['memberid'] = $memberid;    // Perform after user has successfully logged in

$memberid = $_SESSION['memberid']     // Perform whenever you need access to Member ID
  1. The session_start function is required to set up a session and access session variables.
  2. The first statement goes into your login script, after the user has provided a good password. You only need this once and you can use unset($_SESSION), to remove the session variables when the user logs off.
  3. The second statement is used whenever you need to perform any tests based on the memberid. You can access the $_SESSION variable directly, but if you are going to use it more than once it is best to create a local variable.

how would I display the results to the user?
I got the code running but don't know how to display anything..
Here is my entire code:

<?php
session_start();  

if (!isset($_SESSION['memberusername'])){  
	header("location:contractorlogin.php");  
	exit();  
}

$user = $_SESSION['memberusername'];
$sql = "SELECT Username FROM contractors WHERE Username LIKE'" . $user . "'";
#result = mysql_query($sql);
?>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.