admin edit all users

searls03 · March 11, 2011

I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own. Tell me what codes would be helpful and i will send them on in. By the way, i do have a script that allows members to edit own profile.

Maq · March 11, 2011

I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own. Tell me what codes would be helpful and i will send them on in. By the way, i do have a script that allows members to edit own profile.

Post the current code you have (I know you have some ;P).

searls03 · March 11, 2011

do you want the one from the other thread or the my profile edit page?

searls03 · March 11, 2011

here code from other thread:

<?php
session_start(); // Must start session first thing
/*
Created By Adam Khoury @ [url=http://'http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
// Here we run a login check
if (!isset($_SESSION['id'])) {
echo 'Please <a href="login.php">log in</a> to access your account';
exit();
}
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];

// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' limit 1");
while($row = mysql_fetch_array($sql)){
$id = $row['id'];

}



// Process the form if it is submitted
if ($_POST['rank']) {
      $badges = $_POST['badges'];
   $rank = $_POST['rank'];
$sql = mysql_query("UPDATE scoutinfo SET   badges='$badges', rank='$rank', id='$id'");
printf("Records updated: %d\n", mysql_affected_rows())
;


exit();
} // close if post
?>

and here edit profile:

<?php
session_start(); // Must start session first thing
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
// Here we run a login check
if (!isset($_SESSION['id'])) {
echo 'Please <a href="login.php">log in</a> to access your account';
exit();
}
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];



// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
        <li class="TabbedPanelsTab" tabindex="0">My Info</li>
        <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
        <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
  </ul>
      <div class="TabbedPanelsContentGroup">
        <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
  <table align="center" cellpadding="8" cellspacing="8">
   <tr>   <?php if ($accounttype == "Scout") {
?>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr><?php
   }
  ?>
      
      
   <tr>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td>Phone Number:</td>
      <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Address:</div></td>
      <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td>
      </tr>
    <tr>
      <td><div align="right">City:</div></td>
      <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">State:</div></td>
      <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Zip Code:</div></td>
      <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">Email:</div></td>
      <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td>
      </tr> 
    <tr>
      <td><div align="right">Cell Phone:</div></td>
      <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td class="aaaaaaa">Username:</td>
      <td><label for="username"></label>
        <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/>
        </td>
    </tr>
    <tr>
      <td class="aaaaaaa"> </td>
      <td><label for="accounttype"></label> 
        <input type="submit" name="submit" id="submit" value="Save" /></td>
    </tr>
    </table>
  </form>  
        </div>
        <div class="TabbedPanelsContent">
          <label for="badges"></label>
          <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
        </div>
        <div class="TabbedPanelsContent">
          <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
        </div>
      </div>
    </div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

searls03 · March 11, 2011

does this have something to do with a session id. I read somewhere else that it could

PFMaBiSmAd · March 11, 2011

You also need to define exactly what you want to happen at each step and what you want your user interface to be.

For example, if the current visitor is logged in and is an admin, how do you want to let him pick between editing his own profile or picking one of the other user's profile to edit and how does he go about picking which user to edit?

searls03 · March 11, 2011

I have a member search file:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$id = $_SESSION['id'];
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<style type="text/css">
#apDiv8 {
position:absolute;
left:1074px;
top:254px;
width:139px;
height:33px;
z-index:7;
}
#apDiv9 {
position:absolute;
left:813px;
top:225px;
width:142px;
height:65px;
z-index:7;
}
</style>
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="apDiv9"></div>
  <div id="apDiv8"></div>


<style type="text/css">

table {
background-color: #FCF;
}
th {
width: 150px;
text-align: left;
}
</style>

<h1>Member Search</h1>
<p><a href="join_form.php">New Member</a></p>
<form method="post" action="search1.php">
<input type="hidden" name="submitted" value="true" ?/>

<label>Search Category:

<select name="category">
<option value="name">Name</option>
<option value="username">Username</option>
<option value="email">Email</option>
<option value="phone">Phone Number</option>
</select>
</label>

<label>Search Criteria: <input type="text" name ="criteria" /> </label>

<input type="submit" />


</form>

<?php
if (isset($_POST['submitted'])) {
include('connect1.php');
$category = $_POST['category'];
$criteria = $_POST['criteria'] ;
$query = "SELECT * FROM members WHERE $category LIKE '%".$criteria."%'";
$result = mysqli_query($dbcon, $query) or die('error getting data');
$num_rows = mysqli_num_rows($result);
echo "$num_rows results found";
echo "<table>";
echo "<tr><th>Name</th> <th>Username</th> <th>Phone Number</th> <th>Email</th></tr>";
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
echo "<tr><td>";
echo "<a href=\"myprofile.php?id=".$row['id']."\">".$row['name']."</a>";
echo "</td><td>";
echo $row['username'];
echo "</td><td>";
echo $row['phone'];
echo "</td><td>";
echo $row['email'];
echo "</td></tr>";
}
echo "</table>";
}
?>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

searls03 · March 11, 2011

all links work, only when I click on the link and go to profile edit page, my info is pulled instead of other user

Maq · March 11, 2011

Looks like you're assigning $id to the session variable 'id' rather than passing it from the selected user.

searls03 · March 11, 2011

so what session should I set then? here is login form page where all sessions start:

<?php
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
if ($_POST['username']) {
//Connect to the database through our include
include_once "connect_to_mysql.php";
$username = stripslashes($_POST['username']);
$username = strip_tags($username);
$username = mysql_real_escape_string($username);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Get member ID into a session variable
$id = $row["id"];
session_register('id');
$_SESSION['id'] = $id;
// Get member username into a session variable
$name = $row["name"];
session_register('name');
$_SESSION['username'] = $username;
// Get member userlevel into a session variable
$userlevel = $row["userlevel"];
session_register('userlevel');
$_SESSION['userlevel'] = $userlevel;
// Update last_log_date field for this member now
mysql_query("UPDATE members SET lastlogin=now() WHERE id='$id'");
// Print success message here if all went well then exit the script
header("location: news.php?");
exit();
} // close while
} else {
// Print login failure message to the user and link them back to your login page
print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
exit();
}}
?>

PFMaBiSmAd · March 11, 2011

Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do.

1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing?

2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor.

The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page.

Maq · March 11, 2011

so what session should I set then? here is login form page where all sessions start:

Pass in the user id when you submit the form to edit their profile. You should already have this information.

searls03 · March 11, 2011

What do you mean pass in the user id?

searls03 · March 11, 2011

Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do.

1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing?

2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor.

The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page.

Can you give me the exact line and how to do it? I think I know where, and i tried changing it, but now it doesn't pull any id.

searls03 · March 12, 2011

Come on, I need some help. so How do i make it not display my info and submit to the right person in database.

PFMaBiSmAd · March 12, 2011

I need to know how to allow admin to essentially be "all users" ...

^^^ You have been told how to do that. We are not here to write your code for you and it will take more than changing a couple of lines of code. It will take some actual programming effort.

Have you modified (and tested) your code to use a GET parameter to specify which profile to display/edit/update, modified (and tested) your code to cause any links to be built with that GET parameter on them, and then to add (and test) the logic to determine what actions the current visitor can do on any of the relevant pages, depending on if he is a regular member and the profile is his or he is an administrator?

searls03 · March 12, 2011

I need to know what line(s) exactly need to be changed to get. I tried changing one line in the search code to get but now it pulls no id. The address it goes to is .../myprofile.php?id= and then no Id. I am pretty sure it has to do with session variable. But if I try to changethe variable no content displays then. I need to know where to put get and if the session variable could cause this. Thanks in advance for any help.

searls03 · March 12, 2011

Would this be easier to do if I had two tables? One for members,one for sessions?

searls03 · March 13, 2011

so would it work if instead of using id I were to make a new row call userid-not session variable. would this work? if so, how?

redarrow · March 13, 2011

You need to understand an id first.

we setup a databse like so

userid ((who the user is))

name (( user's name

dob (users date of birth

tel ((users telephone number

date ((date a note is made

time (a time a note is made

notes (notes))

We give users a userid in a datadabes, so we no who they are.

lets say a user can comment, on a note a user is showwing.

we need a new database colum for comments.

commentid ((this is the id of the commment

userid ((this is the person who wrote the comment

comment ((this is the comment

noteid(this is the userid of notes

date_of_note (this is date of note commenting on

time_of_note((this is time of note commenting on

date (this is the date of comment

time ((this is the time of comment

you read a note , and use a link to comment on the note,

fill in a form to comment, in the form your have hidden values,

date_of_note and time_of_note, and noteid.

know you can select a specific note, and see comments, form a single user easly.

There more to it, but there the basic idea, to get info about others, or even join info together. via a id...

----------------

Your jumping before you can walk.

Your trying to create a advance membership system, before knowing how a standard username and password system works.

it simple setup like this

members_power ((table name

member_id (members id from reg)

member_auth (what the member is 1=admin 2=user)

it a big clue........

cs.punk · March 13, 2011

Erm...

$user = $_SESSION['user'];

if ($user == $userWhoOwnsTheCurrentProfile OR $user == 'admin')
{
    // Show profile edit form etc
}

searls03 · March 13, 2011

I do know how the basic username and password work, I have done this before. I just haven't ever tried this admin edit all profiles before.

searls03 · March 13, 2011

so now I am able to get it to use correct id, only problem is, it completely switches users!!!!!!! please help:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$userid = $_SESSION['id'];
?>
<?php
// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'");
$sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE userid=".$_GET['userid']."");
while($row = mysql_fetch_array($sql)){
$userid = $row["userid"];
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
<!-- InstanceEndEditable -->
<!-- InstanceParam name="id" type="text" value="apDiv6" -->
</head>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->
  <div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
        <li class="TabbedPanelsTab" tabindex="0">My Info</li>
        <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
        <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
  </ul>
      <div class="TabbedPanelsContentGroup">
        <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
  <table align="center" cellpadding="8" cellspacing="8">
   <tr>   <?php if ($accounttype == "Scout") {
?>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr><?php
   }
  ?>
      
      
   <tr>
      <td><div align="right">Name:</div></td>
      <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td>Phone Number:</td>
      <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Address:</div></td>
      <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td>
      </tr>
    <tr>
      <td><div align="right">City:</div></td>
      <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">State:</div></td>
      <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td><div align="right">Zip Code:</div></td>
      <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td>
      </tr>
    <tr>
      <td><div align="right">Email:</div></td>
      <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td>
      </tr> 
    <tr>
      <td><div align="right">Cell Phone:</div></td>
      <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td>
      </tr>  
    <tr>
      <td class="aaaaaaa">Username:</td>
      <td><label for="username"></label>
        <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/>
        </td>
    </tr>
    <tr>
      <td class="aaaaaaa"> </td>
      <td><label for="accounttype"></label> 
        <input type="submit" name="submit" id="submit" value="Save" /></td>
        <input name="userid" type="text" value="<?php echo "$userid"; ?>" />
    </tr>
    </table>
  </form>  
        </div>
        <div class="TabbedPanelsContent">
          <label for="badges"></label>
          <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
        </div>
        <div class="TabbedPanelsContent">
          <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
        </div>
      </div>
    </div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

searls03 · March 16, 2011

All right, I am able to get the correct content to come up if there is no session set.......duh. So here is code I have it sets a session, but that is not the session I want.....I want userid not userid1 to be it............but that is the only way I can get info to display. Here is php code for the profile edit page:

<?php
session_start(); // Must start session first thing
/* 
Created By Adam Khoury @ www.flashbuilding.com 
-----------------------June 20, 2008----------------------- 
*/
// Here we run a login check
if (!isset($_SESSION['id'])) { 
   echo 'Please <a href="login.php">log in</a> to access your account';
   exit(); 
}

//Connect to the database through our include 
include_once "connect_to_mysql.php";
// Place Session variable 'id' into local variable
$userid1 = $_SESSION['id'];
?>
<?php
// Process the form if it is submitted
if ($_POST['username']) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$username = $_POST['username'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$cell = $_POST['cell'];
$email = $_POST['email'];
$rank = $_POST['rank'];
$badges = $_POST['badges'];
$sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'");
$sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'");
echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br />
<meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">';
exit();
} // close if post
?>


<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM editinfo WHERE userid1=".$_GET['userid1']."");
while($row = mysql_fetch_array($sql)){
$userid1 = $row["userid1"];
$name1 = $row["name1"];
$phone1 = $row["phone1"];
$username1 = $row["username1"];
$address1 = $row["address1"];
$city1 = $row["city1"];
$state1 = $row["state1"];
$zip1 = $row["zip1"];
$cell1 = $row["cell1"];
$email1 = $row["email1"];
$accounttype1 = $row["accounttype1"];
$rank1 = $row["rank1"];
$badges1 = $row["badges1"];
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:320px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:361px;
width:254px;
height:46px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:525px;
width:256px;
height:43px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:402px;
width:250px;
height:48px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:106px;
top:616px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:323px;
top:200px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:443px;
width:266px;
height:42px;
z-index:6;
}
#apDiv8 {
position:absolute;
left:111px;
top:500px;
width:125px;
height:37px;
z-index:7;
}
#apDiv8 strong {
font-size: 24px;
}
#apDiv9 {
position:absolute;
left:33px;
top:408px;
width:267px;
height:49px;
z-index:8;
}
#apDiv10 {
position:absolute;
left:33px;
top:449px;
width:242px;
height:23px;
z-index:9;
}
#apDiv8 a {
color: #000;
}
#apDiv11 {
position:absolute;
left:101px;
top:490px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv11 a {
color: #000;
}
#apDiv12 {
position:absolute;
left:33px;
top:210px;
width:205px;
height:135px;
z-index:11;
}
#apDiv12 {
text-align: center;
}
#apDiv13 {
position:absolute;
left:33px;
top:320px;
width:258px;
height:47px;
z-index:12;
}
#apDiv {
position:absolute;
left:33px;
top:484px;
width:225px;
height:35px;
z-index:11;
}
#apDiv14 {
position:absolute;
left:33px;
top:566px;
width:298px;
height:51px;
z-index:12;
}
#apDiv15 {	position:absolute;
left:101px;
top:611px;
width:168px;
height:42px;
z-index:10;
font-size: 24px;
font-weight: bold;
}
#apDiv5 a {
font-size: 24px;
color: #000;
font-weight: bold;
}
</style>
<script type="text/javascript">
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script>
<link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" />
</head>
<?php
// Query member data from the database and ready it for display
$sql = mysql_query("SELECT * FROM members WHERE userid='userid'");
while($row = mysql_fetch_array($sql)){
$name = $row["name"];
$phone = $row["phone"];
$username = $row["username"];
$address = $row["address"];
$city = $row["city"];
$state = $row["state"];
$zip = $row["zip"];
$cell = $row["cell"];
$email = $row["email"];
$accounttype = $row["accounttype"];
$rank = $row["rank"];
$badges = $row["badges"];
}
?>
<body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')">
<div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div>
<div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div>

<div id="apDiv11"><?php if ($accounttype == "Scout") {
echo '<a href="../logout.php">Logout</a>';} ?></div>
<div id="apDiv12"><?php echo "$accounttype"; ?>
  <p><?php echo "$name"; ?></p>
  <p>Troop 78</p>
</div>
<div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div>
<div id="apDiv5"><?php if ($accounttype == "Admin") {
echo "<a href=\"../logout.php\">Logout</a>";
}
?></div>
</a>
</div>

<div id="apDiv6">
<div id="TabbedPanels1" class="TabbedPanels">
  <ul class="TabbedPanelsTabGroup">
    <li class="TabbedPanelsTab" tabindex="0">My Info</li>
    <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li>
    <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li>
    </ul>
  <div class="TabbedPanelsContentGroup">
    <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );">
      <table align="center" cellpadding="8" cellspacing="8">
        <tr>   <?php if ($accounttype == "Scout") {
?>
          <td><div align="right">Name:</div></td>
          <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td>
          </tr><?php
   }
  ?>
        
        
        <tr>
          <td><div align="right">Name:</div></td>
          <td><input name="name" type="text" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td>Phone Number:</td>
          <td><input name="phone" type="text" id="phone" value="<?php echo "$phone1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td><div align="right">Address:</div></td>
          <td><input name="address" type="text" id="address" value="<?php echo "$address1"; ?>" size="30" maxlength="24" /></td>
          </tr>
        <tr>
          <td><div align="right">City:</div></td>
          <td><input name="city" type="text" id="city" value="<?php echo "$city1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td><div align="right">State:</div></td>
          <td><input name="state" type="text" id="state" value="<?php echo "$state1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td><div align="right">Zip Code:</div></td>
          <td><input name="zip" type="text" id="zip" value="<?php echo "$zip1"; ?>" size="30" maxlength="64" /></td>
          </tr>
        <tr>
          <td><div align="right">Email:</div></td>
          <td><input name="email" type="text" id="email" value="<?php echo "$email1"; ?>" size="30" maxlength="64" /></td>
          </tr> 
        <tr>
          <td><div align="right">Cell Phone:</div></td>
          <td><input name="cell" type="text" id="cell" value="<?php echo "$cell1"; ?>" size="30" maxlength="64" /></td>
          </tr>  
        <tr>
          <td class="aaaaaaa">Username:</td>
          <td><label for="username"></label>
            <input name="username" type="text" id="username" value="<?php echo "$username1"; ?>"/>
            </td>
          </tr>
        <tr>
          <td class="aaaaaaa"> </td>
          <td><label for="accounttype"></label> 
            <input type="submit" name="submit" id="submit" value="Save" /></td>
          <input name="userid" type="text" value="<?php echo "$userid1"; ?>" />
          </tr>
        </table>
      </form>  
      </div>
    <div class="TabbedPanelsContent">
      <label for="badges"></label>
      <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" />
      </div>
    <div class="TabbedPanelsContent">
      <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" />
      </div>
    </div>
</div>
  <script type="text/javascript">
var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1");
  </script>
</div>
<div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div>
<div id="apDiv"> <?php if ($accounttype == "Admin") {
echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>";
} 
?></div>
<div id="apDiv3"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\"  name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>";
}
?>
</div>
<div id="apDiv14"><?php if ($accounttype == "Admin") {
echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\"  name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>";
}
?>
</div>
<img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
</html>

Here is the login page where all the variables are intitialized!!!!!

<?php
/*
Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url]
-----------------------June 20, 2008-----------------------
*/
if ($_POST['username']) {
//Connect to the database through our include
include_once "connect_to_mysql.php";
$username = stripslashes($_POST['username']);
$username = strip_tags($username);
$username = mysql_real_escape_string($username);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters
$password = md5($password);
// Make query and then register all database data that -
// cannot be changed by member into SESSION variables.
// Data that you want member to be able to change -
// should never be set into a SESSION variable.
$sql = mysql_query("SELECT * FROM sessions WHERE username='$username' AND password='$password'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
// Get member ID into a session variable
$id = $row["id"];
session_register('id');
$_SESSION['id'] = $id;
// Get member username into a session variable
$name = $row["name"];
session_register('name');
$_SESSION['username'] = $username;
// Get member userlevel into a session variable
$userlevel = $row["userlevel"];
session_register('userlevel');
$_SESSION['userlevel'] = 9;
// Update last_log_date field for this member now
mysql_query("UPDATE sessions SET lastlogin=now() WHERE id='$id'");
// Print success message here if all went well then exit the script
header("location: news.php?");
exit();
} // close while
} else {
// Print login failure message to the user and link them back to your login page
print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br />
<br /><a href="login.php">Click here</a> to go back to the login page.';
exit();
}}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template3.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Member Login</title>
<!-- InstanceEndEditable -->
<style type="text/css">
#apDiv1 {
position:absolute;
left:33px;
top:203px;
width:252px;
height:48px;
z-index:1;
}
#apDiv2 {
position:absolute;
left:33px;
top:244px;
width:254px;
height:80px;
z-index:2;
}
#apDiv3 {
position:absolute;
left:33px;
top:367px;
width:256px;
height:65px;
z-index:3;
}
#apDiv4 {
position:absolute;
left:33px;
top:285px;
width:250px;
height:61px;
z-index:4;
}
#apDiv5 {
position:absolute;
left:339px;
top:199px;
width:263px;
height:255px;
z-index:5;
}
#apDiv6 {
position:absolute;
left:325px;
top:184px;
width:898px;
height:530px;
z-index:5;
}
#apDiv7 {
position:absolute;
left:33px;
top:326px;
width:266px;
height:83px;
z-index:6;
}
</style>
<script type="text/javascript">
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
</script>
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
</head>

<body onload="MM_preloadImages('button/register2.png','button/login2.png')">
<div id="apDiv1"><a href="pictures.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image2','','button/register2.png',1)"><img src="button/pictures1.png" name="Image2" width="300" height="50" border="0" id="Image2" /></a></div>

<div id="apDiv2"><a href="login.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/login2.png',1)"><img src="button/login1.png" name="Image3" width="300" height="50" border="0" id="Image3" /></a>
  <div id="apDiv4"></div>
</div>

<div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" -->


<script type="text/javascript">
<!-- Form Validation -->
function validate_form ( ) { 
valid = true; 
if ( document.logform.username.value == "" ) { 
alert ( "Please enter your User Name" ); 
valid = false;
}
if ( document.logform.pass.value == "" ) { 
alert ( "Please enter your password" ); 
valid = false;
}
return valid;
}
<!-- Form Validation -->
</script>

     <div align="center">
       <h3><br />
         <br />
       Log in to your account here<br />  
       <br />
       </h3>
     </div>
     <table align="center" cellpadding="5">
      <form action="login.php" method="post" enctype="multipart/form-data" name="logform" id="logform" onsubmit="return validate_form ( );">
        <tr>
          <td class="style7"><div align="right">Username:</div></td>
          <td><input name="username" type="text" id="username" size="30" maxlength="64" /></td>
        </tr>  
        <tr>
          <td class="style7"><div align="right">Password:</div></td>
          <td><input name="password" type="password" id="password" size="30" maxlength="24" /></td>
        </tr>
        <tr>
          <td> </td>
          <td><input name="Submit" type="submit" value="Login" /></td>
        </tr>
      </form>
    </table>
<!-- InstanceEndEditable --></div>
<div id="apDiv7"></div><img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" />
</body>
<!-- InstanceEnd --></html>

If you could help me figure out the correct code for this so that the PHP tags work such as in the places where buttons show only if your accounttype is Admin (which needs session, duh) that would be so, so, so great!!!!!!!!!!!!!!!!!!!!!

Sign In

admin edit all users

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information