Hi all,

This may be asking a bit much, but this is my FIRST advanced PHP/MySQL project. Any help is appreciated.

I am currently building a website for one of my friends photography business, and she has requested to allow her clients to be able to sign with a username and password to view thier proofs - and then expiring the pictures/account after 30 days.

I know I could make separate pages for each user, but that cold turn out to be A LOT of work. I was just wondering if anyone knew of a good/fairly simple way to go about conquering this? Would I need to use mysql? I would like to use simple viewer to allow users to view their own pics like here for example: http://simpleviewer.net/simpleviewer/examples/modern/ Just not sure how I would make it show THEIR pictures after they logged in with a username and password?

Thanks for your time!

7 Years
Discussion Span
Last Post by Lsmjudoka

OK simple. Your uploaded photos are saved to a folder with a unique filename, e.g.

This filename is saved to mysql db record along with other file info, like title, description, tags, user_id, date_uploaded, filesize, dimensions etc.

When a user logs in the user_id (an integer from the user_id PK field in your users table) is propagated via sessions ($_SESSION variables) from page to page.

When a user wants to see their own uploads, they go to your generic view_photos.php (or similar) page which filters records from the DB based on the user_id (from session variable):

$user_id = $_SESSION['user_id'];
$r = mysql_query("SELECT photofile, description, ..(etc).. FROM photos WHERE user_id = '$user_id'");

In your while loop - you get the filenames from the photofile field. You build up a list of photos with associated details. You can present this in a html table.

This is very straightforward, but if you're a beginner, take some time to research how to display a html table with records from a db. Clue:

$output .= "<tr><td><img src=\"/photos/{$row['photofile']}\" /></td><td>" . stripslashes($row['title']) . "<br />" . stripslashes($row['description']) . "</td></tr>";

BTW stripslashes if you used addslashes, otherwise if used mysql_real_escape_string no stripslashes required.

Edited by diafol: n/a


Thanks so much for your reply, Everything makes sense except for the session - i haven't ever worked with sessions before. How exactly does that work? Will this ONLY allow that logged in user to access those pictures? Sorry, I haven't had any time today to try to get any code together. I will hopefully have something tomorrow!


(Following explanation assumes cookie-based sessions)

When you start a session, a cookie with a unique session id gets stored in the user's browser. Then every page load, the browser gives the script( session_start(); to be specific) that id, and it's matched up with the data($_SESSION in this case).

The id is unique to that computer/browser/time(until the user closes the browser), so yes, only that user will be able to access their pictures. (assuming there are no flaws in your login and display scripts).

Edited by Lsmjudoka: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.