thank you very much diafol! i need help here it show all user while i want only that user which is login mean a user can see only his/her profile hope now u will undertand my question. $result = mysql_query("SELECT * FROM users");
For me a simple solution works off the session variable ($_SESSION['user_level']). If an user is logged in, they should see their own profile page (including the admin user) - this works off $_SESSION['user_id']. This is only set when an user/admin has logged in.
The $_SESSION['user_level'] could hold an integer like 1 = regular user, 2 = admin, 3 = superadmin etc.
You may find that a separate page would serve as a place to edit all users. This could be placed in an admin nav item, which is only visible if the $_SESSION['user_level'] > 1. Also that page would be protected from direct access, like:
You could set up a profiles page where the profile showed is the one in the url querystring (similar to Daniweb). Only when the user id in the querystring is equal to the session user id (or if the user is an admin), do you make it editable.