Page 1 of 1

Problem in guestbook

Posted: Fri Oct 23, 2009 8:53 am
by Naeem
Hi all,
I have created a simple guest book in which user can log in and post comments guest book works perfect but the problem is i have add a edit link in all comments so user can edit comments but i want that users can only edit their own comments not others comment and users could only be seen edit link own there own comments how to do that here is code in which i have added a edit and delete link:

Code: Select all

 
$sql6 = mysql_query("SELECT commentid,title,comments FROM comment ");
    $sql7 = mysql_query("SELECT userid FROM registration WHERE username = '$_SESSION[username]' ");
    $sql_set12 = mysql_fetch_assoc($sql7);
    while ($sql_set11 = mysql_fetch_assoc($sql6)) {
        echo "<center>
    <table width='60%' border='1' style='border-collapse:collapse;border:1px solid #EEEDDD;'>";
        echo "<tr>
        <td width='30%' height='90px'>
            <b>Title:$sql_set11[title]</b><br />
            </td>
        <td width='70%' height='90px'>
        <b>$sql_set11[comments]</b><br /><br />";
        $_SESSION['admin_userid'] = $sql_set12['userid'];
        if ($_SESSION['admin_userid'] == 23) {
            echo "<b><a href='authenticate.php?do=edit&commentid=$sql_set11[commentid]'>Edit</a></b>&nbsp;&nbsp;<b><a href='authenticate.php?do=del&commentid=$sql_set11[commentid]'>Delete</a></b>";
        }
        echo "</td>
        </tr>";
        echo "</table><br />
</center>";
    }
 

Re: Problem in guestbook

Posted: Fri Oct 23, 2009 9:54 am
by Frelo
Does your 'comment' table have a userid field/column? If not, that would be the issue. When saving a comment, you need to also save the userid of the user who's creating it. This way, you'd have a reliable mapping to associate comments to users.

When you make this change, you'd then simply need to update your $sql6 query line to include "userid" in the select fields. And you wouldn't even need the $sql7 query since all you'd have to do would be to compare $_SESSION['admin_userid'] to "userid" from $sql6.

Hope that helps!

Re: Problem in guestbook

Posted: Sat Oct 24, 2009 3:30 am
by Naeem
Frelo wrote:Does your 'comment' table have a userid field/column? If not, that would be the issue. When saving a comment, you need to also save the userid of the user who's creating it. This way, you'd have a reliable mapping to associate comments to users.

When you make this change, you'd then simply need to update your $sql6 query line to include "userid" in the select fields. And you wouldn't even need the $sql7 query since all you'd have to do would be to compare $_SESSION['admin_userid'] to "userid" from $sql6.

Hope that helps!
Thanks for replying Frelo i will do this in other way but it's not working here is a new code:

Code: Select all

function show_Comments()
{
    $sql6 = mysql_query("SELECT commentid,title,comments,userid FROM comment ");
    $sql7 = mysql_query("SELECT userid FROM registration WHERE username = '$_SESSION[username]' ");
    $sql_set12 = mysql_fetch_assoc($sql7);
    while ($sql_set11 = mysql_fetch_assoc($sql6)) {
        echo "<center>
    <table width='60%' border='1' style='border-collapse:collapse;border:1px solid #EEEDDD;'>";
        echo "<tr>
        <td width='30%' height='90px'>
            <b>Title:$sql_set11[title]</b><br />
            </td>
        <td width='70%' height='90px'>
        <b>$sql_set11[comments]</b><br /><br />";
        if ($sql_set12['userid'] == $sql_set11['userid']) {
            echo "<b><a href='authenticate.php?do=edit&commentid=$sql_set11[commentid]'>Edit</a></b>&nbsp;&nbsp;<b><a href='authenticate.php?do=del&commentid=$sql_set11[commentid]'>Delete</a></b>";
        }
        echo "</td>
        </tr>";
        echo "</table><br />
</center>";
    }
    return $sql_set11;
}

Re: Problem in guestbook

Posted: Sat Oct 24, 2009 8:59 am
by Naeem
Any body please help me