user account display data

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Jpergega
Forum Newbie
Posts: 3
Joined: Sat Feb 15, 2014 9:29 am

user account display data

Post by Jpergega »

Hi want to display some data once an user logged into their account, but right now my it displays all the records from one of my database table and some of them doesn't belong to the user. e.g logged in as user1 in the user1 account page you can find its own data and user2's and user3's as well. I don't want this I just want user1 account display its own data.
Please help I am a beginner. Thanks

Code: Select all

<?php 
session_start();
session_regenerate_id();
if($_SESSION['account_id'] == '')
{
    header('location: registration.php');
    exit;
}
?>
<html>
<body>
<table border="1">
<?php

//include database connection
$con=mysqli_connect("localhost","","","");//database connection
 
$query = "select account_id, goalName, goal_id, gdescription, progress from goal where account_id =".$_SESSION['account_id']; 
 
//execute the query
$result= mysqli_query($con,$query);
while($row = mysqli_fetch_assoc($result)){
?>
<tr>
<td><?php echo $row['goalName'] ; ?></td>
<td><?php echo $row['gdescription'] ; ?></td>
<td><?php echo $row['progress'] ; ?></td>
<td><a href="deletegoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">delete</a></td>
<td><a href="editGoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">Edit</a></td>
<?php
} 
?>
</tr>
</table>
        </fieldset>     
         
    </body>
    
</html>
Also this is my login page I am not sure if has anything to do with this page:

Code: Select all

<?php
session_start();
$con=mysqli_connect("localhost","","","") or die();
 if(isset($_POST['submit']))
 {
  $username = trim($_POST['username']);
  $password = trim($_POST['password']);
  $permission = trim($_POST['permission']);

$query ="SELECT * FROM useraccount WHERE username='$_POST[username]'and password='$_POST[password]' and permission='$_POST[permission]'";
 
$result= mysqli_query($con,$query) or die(mysqli_error());
//$num_row = mysqli_num_rows($result);
while($row = mysqli_fetch_array($result)){
	if($_SESSION['account_id']=$row['username'] && $_POST['password']=="$password" && $_POST['permission']=="Student")
	{
		
		header("Location:studentAccount.php");
                exit;
	}
       else if($_SESSION['account_id']=$row['username']&& $_POST['password']=="$password" && $_POST['permission']=="Staff")
	{
		
		header("Location:staffAccount.php");
                exit;
	}
	else 
	{
		echo "You got credentials wrong"; 
	}
}
 }
?>
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: user account display data

Post by Christopher »

I don't see that you set $_SESSION['account_id'] anywhere. How can this code work if it is not set?
(#10850)
jangmi
Forum Newbie
Posts: 11
Joined: Sat Mar 08, 2014 7:39 am

Re: user account display data

Post by jangmi »

Pls, move $_SESSION['user_id']=... to before header("Location:...
Post Reply