MySQL SESSION

Συζητήσεις για την βάση δεδομένων MySQL και το phpMyAdmin

Συντονιστές: WebDev Moderators, Super-Moderators

Απάντηση
mola_kalouba
Δημοσιεύσεις: 168
Εγγραφή: 17 Φεβ 2008 11:14
Επικοινωνία:

MySQL SESSION

Δημοσίευση από mola_kalouba » 16 Σεπ 2010 16:18

Αφου δείτε την εικονα τι θελω να κανω http://img178.imageshack.us/i/website.gif/

Σας λεω οτι μόλις πατησεις στο λινκ σε περνει στην editpost.php αλλα η SESSION περνει πάντα το id της τελευταιας υπάρχουσας εγγραφης ωρίστε και ο κώδικας των editpost.php και offers & news.php

Κωδικας PHP Offers & news.php

Κώδικας: Επιλογή όλων

<?php session_start&#40;&#41;; ?>
<?php require_once&#40;'../../Connections/Filmar.php'&#41;; ?>
<?php include&#40;'logout.inc.php'&#41;; ?>
<?php
if &#40;!isset&#40;$_SESSION&#41;&#41; &#123;
  session_start&#40;&#41;;
&#125;
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page&#58; Grant or deny access to this page
function isAuthorized&#40;$strUsers, $strGroups, $UserName, $UserGroup&#41; &#123; 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if &#40;!empty&#40;$UserName&#41;&#41; &#123; 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode&#40;",", $strUsers&#41;; 
    $arrGroups = Explode&#40;",", $strGroups&#41;; 
    if &#40;in_array&#40;$UserName, $arrUsers&#41;&#41; &#123; 
      $isValid = true; 
    &#125; 
    // Or, you may restrict access to only certain users based on their username. 
    if &#40;in_array&#40;$UserGroup, $arrGroups&#41;&#41; &#123; 
      $isValid = true; 
    &#125; 
    if &#40;&#40;$strUsers == ""&#41; && true&#41; &#123; 
      $isValid = true; 
    &#125; 
  &#125; 
  return $isValid; 
&#125;

$MM_restrictGoTo = "index.php";
if &#40;!&#40;&#40;isset&#40;$_SESSION&#91;'MM_Username'&#93;&#41;&#41; && &#40;isAuthorized&#40;"",$MM_authorizedUsers, $_SESSION&#91;'MM_Username'&#93;, $_SESSION&#91;'MM_UserGroup'&#93;&#41;&#41;&#41;&#41; &#123;   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER&#91;'PHP_SELF'&#93;;
  if &#40;strpos&#40;$MM_restrictGoTo, "?"&#41;&#41; $MM_qsChar = "&";
  if &#40;isset&#40;$QUERY_STRING&#41; && strlen&#40;$QUERY_STRING&#41; > 0&#41; 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode&#40;$MM_referrer&#41;;
  header&#40;"Location&#58; ". $MM_restrictGoTo&#41;; 
  exit;
&#125;
?>
<?php
if &#40;!function_exists&#40;"GetSQLValueString"&#41;&#41; &#123;
function GetSQLValueString&#40;$theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""&#41; 
&#123;
  if &#40;PHP_VERSION < 6&#41; &#123;
    $theValue = get_magic_quotes_gpc&#40;&#41; ? stripslashes&#40;$theValue&#41; &#58; $theValue;
  &#125;

  $theValue = function_exists&#40;"mysql_real_escape_string"&#41; ? mysql_real_escape_string&#40;$theValue&#41; &#58; mysql_escape_string&#40;$theValue&#41;;

  switch &#40;$theType&#41; &#123;
    case "text"&#58;
      $theValue = &#40;$theValue != ""&#41; ? "'" . $theValue . "'" &#58; "NULL";
      break;    
    case "long"&#58;
    case "int"&#58;
      $theValue = &#40;$theValue != ""&#41; ? intval&#40;$theValue&#41; &#58; "NULL";
      break;
    case "double"&#58;
      $theValue = &#40;$theValue != ""&#41; ? doubleval&#40;$theValue&#41; &#58; "NULL";
      break;
    case "date"&#58;
      $theValue = &#40;$theValue != ""&#41; ? "'" . $theValue . "'" &#58; "NULL";
      break;
    case "defined"&#58;
      $theValue = &#40;$theValue != ""&#41; ? $theDefinedValue &#58; $theNotDefinedValue;
      break;
  &#125;
  return $theValue;
&#125;
&#125;

$editFormAction = $_SERVER&#91;'PHP_SELF'&#93;;
if &#40;isset&#40;$_SERVER&#91;'QUERY_STRING'&#93;&#41;&#41; &#123;
  $editFormAction .= "?" . htmlentities&#40;$_SERVER&#91;'QUERY_STRING'&#93;&#41;;
&#125;

if &#40;&#40;isset&#40;$_POST&#91;"MM_insert"&#93;&#41;&#41; && &#40;$_POST&#91;"MM_insert"&#93; == "form1"&#41;&#41; &#123;
  $insertSQL = sprintf&#40;"INSERT INTO offers &#40;username, message&#41; VALUES &#40;%s, %s&#41;",
                       GetSQLValueString&#40;$_POST&#91;'username'&#93;, "text"&#41;,
                       GetSQLValueString&#40;$_POST&#91;'message'&#93;, "text"&#41;&#41;;

  mysql_select_db&#40;$database_Filmar, $Filmar&#41;;
  $Result1 = mysql_query&#40;$insertSQL, $Filmar&#41; or die&#40;mysql_error&#40;&#41;&#41;;

  $insertGoTo = "control_panel.php?status=3";
  if &#40;isset&#40;$_SERVER&#91;'QUERY_STRING'&#93;&#41;&#41; &#123;
    $insertGoTo .= &#40;strpos&#40;$insertGoTo, '?'&#41;&#41; ? "&" &#58; "?";
    $insertGoTo .= $_SERVER&#91;'QUERY_STRING'&#93;;
  &#125;
  header&#40;sprintf&#40;"Location&#58; %s", $insertGoTo&#41;&#41;;
&#125;

if &#40;!function_exists&#40;"GetSQLValueString"&#41;&#41; &#123;
function GetSQLValueString&#40;$theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""&#41; 
&#123;
  if &#40;PHP_VERSION < 6&#41; &#123;
    $theValue = get_magic_quotes_gpc&#40;&#41; ? stripslashes&#40;$theValue&#41; &#58; $theValue;
  &#125;

  $theValue = function_exists&#40;"mysql_real_escape_string"&#41; ? mysql_real_escape_string&#40;$theValue&#41; &#58; mysql_escape_string&#40;$theValue&#41;;
    switch &#40;$theType&#41; &#123;
    case "text"&#58;
      $theValue = &#40;$theValue != ""&#41; ? "'" . $theValue . "'" &#58; "NULL";
      break;    
    case "long"&#58;
    case "int"&#58;
      $theValue = &#40;$theValue != ""&#41; ? intval&#40;$theValue&#41; &#58; "NULL";
      break;
    case "double"&#58;
      $theValue = &#40;$theValue != ""&#41; ? doubleval&#40;$theValue&#41; &#58; "NULL";
      break;
    case "date"&#58;
      $theValue = &#40;$theValue != ""&#41; ? "'" . $theValue . "'" &#58; "NULL";
      break;
    case "defined"&#58;
      $theValue = &#40;$theValue != ""&#41; ? $theDefinedValue &#58; $theNotDefinedValue;
      break;
  &#125;
  return $theValue;
&#125;
&#125;

$colname_getOffers = "-1";
if &#40;$_SESSION&#91;'MM_Username'&#93; <> 'root'&#41; &#123;
  $colname_getOffers = $_SESSION&#91;'MM_Username'&#93;;

mysql_select_db&#40;$database_Filmar, $Filmar&#41;;
$query_getOffers = sprintf&#40;"SELECT id, username, message, `date` FROM offers WHERE username = %s", GetSQLValueString&#40;$colname_getOffers, "text"&#41;&#41;;
$getOffers = mysql_query&#40;$query_getOffers, $Filmar&#41; or die&#40;mysql_error&#40;&#41;&#41;;
$row_getOffers = mysql_fetch_assoc&#40;$getOffers&#41;;
$totalRows_getOffers = mysql_num_rows&#40;$getOffers&#41;;
&#125;
else &#123;
mysql_select_db&#40;$database_Filmar, $Filmar&#41;;
$query_getOffers = "SELECT id, username, message, `date` FROM offers";
$getOffers = mysql_query&#40;$query_getOffers, $Filmar&#41; or die&#40;mysql_error&#40;&#41;&#41;;
$row_getOffers = mysql_fetch_assoc&#40;$getOffers&#41;;
$totalRows_getOffers = mysql_num_rows&#40;$getOffers&#41;;
&#125;
?>
HTML code Offers & news.php

Κώδικας: Επιλογή όλων

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http&#58;//www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http&#58;//www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/Filmar CMS_page.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<link href="offers.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<link href="CMS.css" rel="stylesheet" type="text/css" />
</head>

<body class="oneColFixCtrHdr">

<div id="container">
  <div id="header">
    <!-- end #header -->
  </div>
  <div id="menubaset"><a href="control_panel.php">Back to Control Panel</a><a href="update.php">Change Profile</a><a href="<?php echo $logoutAction ?>">Logout</a></div>
  <!-- InstanceBeginEditable name="mainContent" -->
    
    <div id="mainContent">
    <h1>Offers and News</h1>
    <?php if &#40;$totalRows_getOffers == 0&#41; &#123; // Show if recordset empty ?>
      <p class="maincontent_text">No Post found.</p>
      <?php &#125; // Show if recordset empty ?>
      <?php if &#40;$totalRows_getOffers > 0&#41; &#123; // Show if recordset not empty ?>
        <table width="70%" border="0" cellpadding="0" cellspacing="0" id="post">
          <tr class="post_title">
            <td width="18%" id="frist">Posted by</td>
            <td width="40%">Message</td>
            <td width="24%">Date</td>
            <td width="9%">&nbsp;</td>
            <td width="9%">&nbsp;</td>
          </tr>
          <?php do &#123; ?>
            <tr class="postmsg">
              <td id="msg"><?php echo $row_getOffers&#91;'username'&#93;; ?></td>
              <td><?php echo $row_getOffers&#91;'message'&#93;; ?></td>
              <td><?php echo $row_getOffers&#91;'date'&#93;; ?></td>
              <td><a href="editpost.php" onclick="<?php $_SESSION&#91;'id'&#93; = $row_getOffers&#91;'id'&#93;; ?>">Edit</a></td>
              <td>Delete</td>
            </tr>
            <?php &#125; while &#40;$row_getOffers = mysql_fetch_assoc&#40;$getOffers&#41;&#41;; ?>
        </table>
        <?php &#125; // Show if recordset not empty ?>
<p>&nbsp;</p>
<form id="form1" name="form1" method="POST" action="<?php echo $editFormAction; ?>">
  <p>Message
    &#58;</p>
  <p>
    <textarea name="message" cols="60" rows="15" class="oneColFixCtrHdr" id="message"></textarea>
  </p>
  <p>
    <input type="submit" name="submit" id="submit" value="Send Post" />
    <input name="username" type="hidden" id="username" value="<?php echo $_SESSION&#91;'MM_Username'&#93;; ?>" />
  </p>
  <input type="hidden" name="MM_insert" value="form1" />
</form>
<p>&nbsp;</p>
<p class="clearev"></p>
  <!-- end #mainContent -->
</div>
<!-- InstanceEndEditable -->
<!-- end #container --></div>
</body>
<!-- InstanceEnd --></html>
<?php
mysql_free_result&#40;$getOffers&#41;;
?>
editpost.php PHP code

Κώδικας: Επιλογή όλων

<?php session_start&#40;&#41;; ?>
<?php
if &#40;!isset&#40;$_SESSION&#41;&#41; &#123;
  session_start&#40;&#41;;
&#125;
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page&#58; Grant or deny access to this page
function isAuthorized&#40;$strUsers, $strGroups, $UserName, $UserGroup&#41; &#123; 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if &#40;!empty&#40;$UserName&#41;&#41; &#123; 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode&#40;",", $strUsers&#41;; 
    $arrGroups = Explode&#40;",", $strGroups&#41;; 
    if &#40;in_array&#40;$UserName, $arrUsers&#41;&#41; &#123; 
      $isValid = true; 
    &#125; 
    // Or, you may restrict access to only certain users based on their username. 
    if &#40;in_array&#40;$UserGroup, $arrGroups&#41;&#41; &#123; 
      $isValid = true; 
    &#125; 
    if &#40;&#40;$strUsers == ""&#41; && true&#41; &#123; 
      $isValid = true; 
    &#125; 
  &#125; 
  return $isValid; 
&#125;

$MM_restrictGoTo = "index.php";
if &#40;!&#40;&#40;isset&#40;$_SESSION&#91;'MM_Username'&#93;&#41;&#41; && &#40;isAuthorized&#40;"",$MM_authorizedUsers, $_SESSION&#91;'MM_Username'&#93;, $_SESSION&#91;'MM_UserGroup'&#93;&#41;&#41;&#41;&#41; &#123;   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER&#91;'PHP_SELF'&#93;;
  if &#40;strpos&#40;$MM_restrictGoTo, "?"&#41;&#41; $MM_qsChar = "&";
  if &#40;isset&#40;$QUERY_STRING&#41; && strlen&#40;$QUERY_STRING&#41; > 0&#41; 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode&#40;$MM_referrer&#41;;
  header&#40;"Location&#58; ". $MM_restrictGoTo&#41;; 
  exit;
&#125;
?>
<?php include&#40;'logout.inc.php'&#41;; ?>
HTML code editpost.php

Κώδικας: Επιλογή όλων

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http&#58;//www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http&#58;//www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/Filmar CMS_page.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<link href="editpost.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<link href="CMS.css" rel="stylesheet" type="text/css" />
</head>

<body class="oneColFixCtrHdr">

<div id="container">
  <div id="header">
    <!-- end #header -->
  </div>
  <div id="menubaset"><a href="control_panel.php">Back to Control Panel</a><a href="update.php">Change Profile</a><a href="<?php echo $logoutAction ?>">Logout</a></div>
  <!-- InstanceBeginEditable name="mainContent" -->
    
    <div id="mainContent">
    <h1>Edit Post</h1>
  <p class="maincontent_text">&nbsp;</p>
  <form id="form1" name="form1" method="post" action="">
    <p>
      <textarea name="message" cols="60" rows="15" id="message"></textarea>
    </p>
    <p>
      <input type="submit" name="submit" id="submit" value="Save Settings" />
      <?php echo $_SESSION&#91;'id'&#93;; ?>    </p>
  </form>
<p class="clearev"></p>
  <!-- end #mainContent -->
</div>
<!-- InstanceEndEditable -->
<!-- end #container --></div>
</body>
<!-- InstanceEnd --></html>
Σας ευχαριστω πολυ

Υ.Γ. Συγνωμη για το τεραστιο ποστ

Απάντηση

Επιστροφή στο “MySQL”

Μέλη σε σύνδεση

Μέλη σε αυτήν τη Δ. Συζήτηση: Δεν υπάρχουν εγγεγραμμένα μέλη και 3 επισκέπτες