0

please if u can help me
i have created a log in on dreamweaver and i had created one intranet in one company coz i have on study project to do
i have created emploeys with their datas
and created a log in form on dreamweaver
but the problem is: when i log in as a username :grisel with the pasword :grisel the programs showed me my datas and all the other users datas
i want a restrict acces when i log in as grisel, program show me only grisel datas and not the others users datas
if u got it the problem,please give me an asnwer
sincerely grisel ndria

2
Contributors
5
Replies
6
Views
5 Years
Discussion Span
Last Post by griselndria
0

Hi, you have to use a WHERE condition in your query to select only the data related to the logged user. For example:

select * from user_details where user_id = 12;

If you paste:

  • the query used to select the data to display
  • the tables structures (just run explain tablename or show create table tablename)
  • and the relations between the table queried in the login step and data tables

then it will be easier to help you.

0

please help me with smth else,coz i am newer on databased and i had on project on my school.i will send u the codes and please help me if i have any error or wrong query and told me after how to show the details

0
prova _db.php :

<?php
# FileName="Connection_php_mysql.htm"
# Type="MYSQL"
# HTTP="true"
$hostname_prova_db = "localhost";
$database_prova_db = "intranet_db";
$username_prova_db = "root";
$password_prova_db = "";
$prova_db = mysql_pconnect($hostname_prova_db, $username_prova_db, $password_prova_db) or trigger_error(mysql_error(),E_USER_ERROR); 
?>

prova.php :
<?php require_once('../Connections/prova_db.php'); ?>
<?php
mysql_select_db($database_prova_db, $prova_db);
$query_rs1 = "SELECT * FROM punonjesit ";
$rs1 = mysql_query($query_rs1, $prova_db) or die(mysql_error());
$row_rs1 = mysql_fetch_assoc($rs1);
$totalRows_rs1 = mysql_num_rows($rs1);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<?php echo $row_rs1['Emri_Depart']; ?>
<p>
  <?php
mysql_free_result($rs1);
?>
</p>
<p><?php echo $row_rs1['Emri_drejtor']; ?></p>
<body>
</body>
</html>

loglog.php :
<?php require_once('../../../Connections/user1_db.php'); ?><?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "Connections/user1.php";
  $MM_redirectLoginFailed = "loglog.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_user1_db, $user1_db);

  $LoginRS__query=sprintf("SELECT username, mbiemri FROM punonjesit WHERE username='%s' AND mbiemri='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 

  $LoginRS = mysql_query($LoginRS__query, $user1_db) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";

    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?><!DOCTYPE html>
<html lang="en">
<head>
<title>Home</title>
    <meta charset="utf-8">
    <meta name="description" content="Your description">
    <meta name="keywords" content="Your keywords">
    <meta name="author" content="Your name">
    <link rel="stylesheet" href="css/style.css">
    <script src="js/jquery-1.6.4.min.js"></script>
    <script src="js/cufon-yui.js"></script>
    <script src="js/Franklin_Gothic_Medium_400.font.js"></script>
    <script src="js/cufon-replace.js"></script>
    <script src="js/script.js"></script>
<!--[if lt IE 7]>
  <div class='aligncenter'><a href="http://www.microsoft.com/windows/internet-explorer/default.aspx?ocid=ie6_countdown_bannercode"><img src="http://storage.ie6countdown.com/assets/100/images/banners/warning_bar_0000_us.jpg"border="0"></a></div>  
    <![endif]-->
    <!--[if lt IE 9]>
    <script src="js/html5.js"></script>
  <link rel="stylesheet" href="css/ie.css"> 
<![endif]-->
</head>
<body>
<div class="bg">
    <!--==============================header=================================-->
    <header>
        <div class="main">
            <h1>&nbsp;</h1>
            <nav>
                <ul class="sf-menu">
                    <li class="current"><a href="index.html">home</a><ul>
                            <li><a href="../../../Home.htm">Historik</a></li>
                            <li><a href="more.html">Struktura Organizative</a></li>
                            <li><a href="Kushtet_e_pergjithshme_te_punes_te_Bankes_se_Shqiperise.pdf">Rregulla Administrative </a></li>
                        </ul>
                  </li>
                    <li><a href="../../../POLITIKA MONETARE.docx">politika monetare </a></li>
                    <li><a href="../../../ISO_14001_TRAINING_ALB.pdf">trajnime</a></li>
                    <li><a href="index-4.html">blog</a></li>
<li></a></li>
                    <li></li>
                </ul>

                <form action="/webroot/intranet_site/intranet_result.php" method="get" name="fmsearch" id="fmsearch">
                <table width="323">
                  <!--DWLayoutTable-->
                  <tr>
                    <th width="40" height="35"><!--DWLayoutEmptyCell-->&nbsp;</th>
<th width="150" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</th>
<th width="52" valign="top"><!--DWLayoutEmptyCell-->&nbsp;</th>
</tr></table>
</form>
 </nav>
            <div class="clear"></div>
          <div class="shadow">
                <div class="main-img"></div>
                <img src="../../../images/banka2.bmp" alt="banka" longdesc="../../../images/banka2.bmp">
                <ul class="links">
                    <li></li>
                    <li></li>
                    <li></li>
                </ul>
          </div>
        </div>
  </header>
    <!--==============================content================================-->
    <section id="content">

</div>
                    </div>
                    <h3>User Login</h3>

<table border="0">
<form method="POST" action="<?php echo $loginFormAction; ?>">
<tr><td>Username</td><td>:</td><td><input type="text" name="username" size="20"></td></tr>
<tr><td>Password</td><td>:</td>
  <td><a href="http://localhost/webroot/intranet_site/Templates/free_extended-package-templates_udwl2lyk39k5pqr9/site/user1.php"></a>
    <input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td>
  <td><a href="http://localhost/webroot/intranet_site/Templates/free_extended-package-templates_udwl2lyk39k5pqr9/site/user1.php">
    <input name="submit" type="submit" value="Login" >
  </a></td>
</tr> 
</form>
</table>

<form name="form1" method="post" action="">
  <label></label>
</form>
</body>
</html>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.