Page 1 of 1

user account display data

Posted: Sat Mar 08, 2014 10:22 am
by Jpergega
Hi want to display some data once an user logged into their account, but right now my it displays all the records from one of my database table and some of them doesn't belong to the user. e.g logged in as user1 in the user1 account page you can find its own data and user2's and user3's as well. I don't want this I just want user1 account display its own data.
Please help I am a beginner. Thanks

Code: Select all

<?php 
session_start();
session_regenerate_id();
if($_SESSION['account_id'] == '')
{
    header('location: registration.php');
    exit;
}
?>
<html>
<body>
<table border="1">
<?php

//include database connection
$con=mysqli_connect("localhost","","","");//database connection
 
$query = "select account_id, goalName, goal_id, gdescription, progress from goal where account_id =".$_SESSION['account_id']; 
 
//execute the query
$result= mysqli_query($con,$query);
while($row = mysqli_fetch_assoc($result)){
?>
<tr>
<td><?php echo $row['goalName'] ; ?></td>
<td><?php echo $row['gdescription'] ; ?></td>
<td><?php echo $row['progress'] ; ?></td>
<td><a href="deletegoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">delete</a></td>
<td><a href="editGoal.php<?php echo '?goal_id='.$row['goal_id']; ?>">Edit</a></td>
<?php
} 
?>
</tr>
</table>
        </fieldset>     
         
    </body>
    
</html>
Also this is my login page I am not sure if has anything to do with this page:

Code: Select all

<?php
session_start();
$con=mysqli_connect("localhost","","","") or die();
 if(isset($_POST['submit']))
 {
  $username = trim($_POST['username']);
  $password = trim($_POST['password']);
  $permission = trim($_POST['permission']);

$query ="SELECT * FROM useraccount WHERE username='$_POST[username]'and password='$_POST[password]' and permission='$_POST[permission]'";
 
$result= mysqli_query($con,$query) or die(mysqli_error());
//$num_row = mysqli_num_rows($result);
while($row = mysqli_fetch_array($result)){
	if($_SESSION['account_id']=$row['username'] && $_POST['password']=="$password" && $_POST['permission']=="Student")
	{
		
		header("Location:studentAccount.php");
                exit;
	}
       else if($_SESSION['account_id']=$row['username']&& $_POST['password']=="$password" && $_POST['permission']=="Staff")
	{
		
		header("Location:staffAccount.php");
                exit;
	}
	else 
	{
		echo "You got credentials wrong"; 
	}
}
 }
?>

Re: user account display data

Posted: Sat Mar 08, 2014 10:40 am
by Christopher
I don't see that you set $_SESSION['account_id'] anywhere. How can this code work if it is not set?

Re: user account display data

Posted: Mon Mar 10, 2014 6:18 am
by jangmi
Pls, move $_SESSION['user_id']=... to before header("Location:...