How To Control Access To Specific Mysql Records For A User
I am just trying out a php form, when posted submits data to database. The system is we allow everyone to submit the form. As administrator I can view and edit the records. But whoever submits the form should be a registered user and he should be able to only view his records but not edit.
View Complete Forum Thread with Replies
Related Forum Messages:
Grabbing Specific MySQL Records
I have set up a target page to pull information out of a mySQL database to populate the page. The problem is that it is only pulling from the first record and not the record specified. What do I have to do to pull from a specific record? I am using Dreamweaver MX to administer the site on WinXP using PHP if that information will help.
View Replies !
Access Control
I created a website for our college radio which is held on a server outside the college framework. As well as all the usual public stuff it also has a studio management area which gives presenters access to such things as the register, notes and reading the requests. I want to make it so they can only access this area when they are using the computer in the studio, which is part of the college network. At the moment I've had to use a very basic system where they have to upload a file to the server to be checked, which is held on a floppy on the studio machine, but obviously this is far from foolproof. Getting the IP obviously wouldn't work as it would just get the college's IP address which would show as the same for every computer in the college.
View Replies !
Access Control
Based on some info on this newsgroup, I'm trying to password protect a directory of both PHP, HTML, and image files. The web server is Apache 2 and PHP is 4.4.4. I created this .htaccess file RewriteCond %{REQUEST_FILENAME} -f RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L] and then, just to check to make sure requests were hitting hte accesscontrol.php file, I created accesscontrol.php to look like below: <?php header('HTTP/1.0 401 Unauthorized'); exit; ?>
View Replies !
Access Level Control
I am setting up a login for my site, using a very simple table in mySQL and Dreamweaver's PHP behaviours. In my table thereis: username password email access_level I just cannot get the access level to work at all. I have used the 'restrict access to page' on the pages in question, specifying my two levels of access - 'board' and 'user. It either lets everyone in regardless or lets no one in. I have followed two different tutorials on this and nothing seems to work. Where am I going wrong?
View Replies !
Access Control Based On Different Server
I surely hope that someone can help me out with this rather (for me) challenging task I’m facing: I have a site running on a LAN that includes several servers that have each of their own permission configuration. PHP (v4.2.2) is running on a simple WinNT with FoxServ, and it’s doing a great job – but now I need to control the user access, based on the configuration of another server (that can’t be setup to run PHP). My idea is to put some lines of code into the index file, pointing to a file located on the access controlled server. See: “client can’t connect to the file = redirected to another site / client can connect to the file = the site continues as if nothing ever happened. The problem here is, that the server running PHP do always have access to this server, so the returned information has to be based on the clients access permission. Since I’m newbie in this, I happily believe that this can be done – I just don’t know how. I tried with 'include' and 'request', but i learned that this can only be done with http and ftp (+local of course).
View Replies !
Warning: MySQL Connection Failed: Access Denied For User: 'username@localhost'
I just installed the latest versions of apache, mysql, and php, and I have a script i made to just connect to the database, but I get an error such as: Warning: Access denied for user: 'username@localhost' (Using password: YES) in c:pathofapachehtdocsmysqlconn.php on line 7 Warning: MySQL Connection Failed: Access denied for user: 'username@localhost' (Using password: YES) in c:pathofapachehtdocsmysqlconn.php on line 7 Unable to connect to database This error is driving me insane. I've tried everything I've found possible answer too. I am a newbie and I am just learning, but I KNOW this should work. Here is my connection script. PHP Code:
View Replies !
Count Specific Records In DB
I am making a private messaging script as an addon for a script I have already made and was wondering how I would go about counting the number of messages in a table that are to a certain user.... eg... the database +--------------------+ |todj | message | --------------------- | |User 1 | Blah blah... | |User 2 | Blah blah... | |User 1 | Blah blah... | +--------------------+ Now what query would I use to ask it how many messages are there for User 1 and then echo it in text form? Something like this maybe? <?php $result = mysql_query("COUNT to WHERE to="$_SESSION['username']"); ?> The table also contains a subject, date, and fromdj field if it makes any difference.
View Replies !
Delete Specific Records
On clients machine, currently to delete on trainee record it runs 10 queries to delete records from 10 tables. At the time of running all queries, server shows (104) Connection reset by peer. An error condition occurred while reading data from the network. I think it because of running 10 queries at a same time. Is there any possibility that through one line of query we can delete record from 10 tables. I've tried following query DELETE FROM table1, table2, table3, table4, table5, table6, table7, table8, table9, table10 WHERE empID = 11; But it gives ' error in query.
View Replies !
Role-based Access Control (RBAC)
Is anyone aware of robust software, suited to a preexisting PHP application, that handles permissions for various types of requests by role rather than user ID? I'm speaking of maintaining/editing the permissions and deciding on the requests, but either "half" of the solution might be useful.
View Replies !
User Authentication And PHP Saving As Specific User.
the users of my server had to upload their pages by sftp and only the user who uploaded a page was able to edit itafterwards. I've been asked to make a secure way for users to log on through the web and edit their pages online. However, although using .htaccess to authenticate users, the script saves as user 'nobody' and is not able to edit pages previously uploaded (and saved as user 'john_doe'). What I am trying to do is make the script save using the same username as the user used to log on.
View Replies !
Need Help Extracting Specific Records In An Array
I am using a pc of code that is as follows: while ($row = mysql_fetch_array ($result)) { echo "user_id: ".$row["file_name"]."<br>"; echo "user_id: ".$row["file_author"]."<br>"; echo "fullname: ".$row["file_keywords"]."<br>"; echo "fullname: ".$row["file_description"]."<p>"; } This will extract all the data from the records that have been stored in $row. The question I have is how to take out slective informtion? Let's say I have a complete $row array (40 finds) but only want to show the first 3-6 records. How do I access hose specific miages?
View Replies !
Is Using LDAP Or SESSION More Secure For Authentication And Access Control?
I am considering a large project and they currently use LDAP on MS platform. It would be moved to a LAMP platform. OpenLDAP is an option though I have not used it before. I do feel fairly confortable with my ability to use SESSIONS for authentication and access control. Would it better to learn and use LDAP or can you REALLY have just as secure authentication and access control using Sessions?
View Replies !
Creating User Control In PHP
I was looking into a ASP .NET site which on all the pages had a menu down the side, and controlled other pages. I looked for the file and found out it was called nav.ascx. Apparently it's a user control file, can you do something like this with PHP?
View Replies !
$http_referrer Allow Access From Specific URL Only
I am trying to figure out the correct PHP coding to put on a page that will only allow access if referred by a specific URL or URLs (link from another site) and if they are not c oming from that URL(s) then they are redirected to somewhere else like yahoo, etc.
View Replies !
Reading User Settings / Control Panel
I want to give users the option of displaying tables in a certain way (colours, sort options, amount of info displayed etc.) The users will be able to change the settings via a control panel function which will then be stored in a mysql database. That bit is fine but I don't know which is the best method of retrieving and acting upon that data. 1. User changes the default look and feel of reports in their control panel. 2. User requests a report. 3. User Database is queeried and user settings returned. 4. Report database queeried and a report generated in the users required format. It is option 3. which I think is a bit of a waste. Every time the user requests a report his settings are called from the user database. Is it best to load the users settings when he first logs in? Would this be done in cookies or sessions?
View Replies !
Tracking Specific Record Access
I have this code to track my page access. How do I refine it to track record access please? Most of my forms have the foll. info. in form action so I would like $page below to also indicate the record accessed. Code:
View Replies !
PHPmyadmin Access Denied For User 'user'@'localhost'
WinMe machine as server, with Apache 2 installed and working PHP4 installed and working ( had PHP 5.05 installed and working, but i couldnt get the mysql extensions to load - phpinfo() didnt list mysql :(, so i installed PHP4, which now lists mysql when i run phpinfo). MYSQL 4.1 installed and working. I dont know the console commands too well, but i know its working ok, cos I have used a few simple DOS prompt commands to check its alive and I can connect to the database using MyODBC frontend/driver 3.51 and also using Navicat 2004. When i try to connect to the database via PHPmyadmin from another network PC I have an error: #1045 - Access denied for user 'user'@'localhost' (using password: YES) I have played around alot with different settings in the config.inc.php file.... nothing seems to work. This almost appears to be a simple login problem ( probably is too), but I can access the database locally from the Winme machine with the username and password that wont work over the network! I have tried not using 'localhost' as the host name but the IP address of the Winme PC but I get this error: #1130 - Host 'MYSERVERNAME' is not allowed to connect to this MySQL server
View Replies !
Managed To Control The Maximum Width And Height Of User's Upload.
ive managed to control the maximum width and height of my user's upload. can i control the file size too with this? i dont want them to be able to upload pic's over 25k. PHP Code: $size = getimagesize($_FILES['the_file']['tmp_name']); list($foo, $width, $bar, $height) = explode(""", $size[3]); if($width > $max_image_width) { $upload_image_error = true; $message = "Your pic's cant be wider then 1000 <br><br>"; } if($height > $max_image_height) { ...................
View Replies !
Getting Specific User
I have my login script, and I have it setup so that if they are not logged in it shows the login box, and if they are, it shows a welcome message. But how I can I get the specific username of the person who logged in, from the database? Here is my code: <?php if (!isset($_SESSION['authenticated'])) { echo "<form id="form1" name="form1" method="post" action=""> <label for="username">Username:</label> <input type="text" name="username" id="username" /> <label for="textfield">Password</label> <input type="password" name="pwd" id="pwd" /> <input name="login" type="image" src="images/login_button.jpg" id="login" value="Log in" /> </form>"; exit; } echo "Hey, welcome back $username!"; ?>
View Replies !
Access Denied For User 'user'@'localhost'
First time using mysql, I keep getting this error: Access denied for user 'user'@'localhost' to database 'databaseName' PHP Code: $conn = mysql_connect('localhost', 'user', 'xxxxxx'); if (!$conn)     {die('Could not connect: ' . mysql_error() . '<br>');     } else     {echo 'Connection to mysql server made <br>'     } $db = mysql_select_db('databaseName', $conn); if (!$db)     {die('Cannot connect to database: ' . mysql_error() . '<br>');     } else     {echo 'Connected to database'     }
View Replies !
User Specific Links
Basically what I am trying to do is create a page that will redirect a user to another page. however this page has to use a variable from the mysql database to know what url to send the person to, and the url of this redirection page has to carry their specific user id number as well as an id number for the site they are being sent to. Broken down, by theory it should work like this: 1. User number 123 clicks on a link to a website on one of my pages, that is supposed to direct them to the site associated with the site id 456. 2. the link would look like mysite.com/out.php?user=123&site=456 3. The out.php page would read in the url associated with id 456 and then redirect the user to that url. I hope someone can help me out because I am very stuck and this is one of the most crucial points of my project. I will also be needing to use a session ID to make sure the user is clicking on links with their own unique user id.
View Replies !
User Specific Data
i have been trying to find a way to store inidividual user information securely. For example, a very basic phone book where users can only view records submitted by themselves (for obvious reasons!). So in a membersarea for instance, theres a form allowing the user to store private phonenumbers only accesible by him/her.
View Replies !
User Specific Content
I am trying to create some user specific content (profile,admin, etc..) I have created a register and login script but I am a little lost when it comes to making a user specific page for them when they register (where it can display there info, make changes). Code:
View Replies !
User Specific Site
I have been trying and trying to build a member specific site and i cant seem to get the coding right, i cant seem to figure out what is goin on. I have piles of books but none seem to be helping.
View Replies !
Restricting Access To A Records Contents
I have a table called Reports . These are reports of different users . Now if 2 users attend a meeting, they each make separate reports which get stored. When a third user attends another meeting on the same subject, he creates a third record. I have been fiddling around with ways of updating records such that a single report can be updated by all 3 users. But it results in even a 4th user being able to view the report (if not update) and i just dont know how i can limit this. The issue here is that a situation can arise when the 4th user may need to read the report but until the time he needs to, i dont wish to allow access to that report. Code:
View Replies !
Inserting Records Into A Microsoft Access Database...
I'm still new at using PHP although thanks to these forums I'm learning quite a lot. Currently, I am trying to insert a new record into my access database. I can display records from it but not add new ones. I know that I am to use the 'INSERT' SQL function but how would an Access Database be different from mySQL? So far I've seen only mysql examples and havent been able to find anything on access...
View Replies !
User Login - Direct To Specific Page
If im looking to make a login system, that when someone login in with a specific username and password, it takes them to a specific page, ex. login: world password: world page they must get sent to once logged in: world.php login: hello password: hello page they must get sent to once logged in: hello.php Can someone give me a start to it here please? been looking around but cant find a good explanation of it .
View Replies !
Retrieve The Details Of A Specific User In The Database
I'm having some difficulty formulating query that will allow me to retrieve the details of a specific user in the database. The user's information is stored in one table called Users and another called UserProfile. Both tables are linked by the UserID field. My current query returns a Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource and my knowledge of Mysql is not great(Still learnng) Here is my code:
View Replies !
Make Sure User Is Referred By Specific Page.
I know this is possible because I have seen it in a few scripts before, but I forgot exactly how the language was put. I have a link on a page inside a password protected folder, lets call it domain.com/protected/hide.php. When the user clicks on the hyperlink, they will be redirected to domain.com/folder/page.php I want to write somewhere on page.php to be sure the visitor came from hide.php, otherwise display an error message. How can I do this?
View Replies !
Editable For Only Specific Active Directory User Goup
I'm trying to make a php message board on our company's Intranet that can only be edited by a specific user group. The group "writers" is managed in active directory. Is it possible to automatically check if the user that is logged in to windows and is watching the site is a part of the group "writers"? And if that user is a part of writers then an "Edit" button would be displayed on the site. The intranet site runs on Apache 2.2.
View Replies !
Mysql Control
I am currently using phpmyadmin to upload .txt files into the db using sql which look something like this LOAD DATA INFILE 'data.txt' INTO TABLE tmp LINES TERMINATED BY ' ' INSERT INTO data SELECT SUBSTR(str,1,6), SUBSTR(str,7,20), FROM tmp; Now is there a way to write some coding to run this command in web browser using php so that I don't need to manually go into phpmyadmin to type all of these into the sql?
View Replies !
Checking User Input Information Against Database Records
I have a user input form, which adds new records into the database, However I am getting a lot of errors (users not watching what they are typing) which is skewing my reports. I want to add some safety checks into my code so that I can check the validity of the user input before is goes into the database. Code:
View Replies !
User Access
Can anyone help me with user access? I want to have different levels of access for users. For example; when I create accounts for users to og into my websitem, I want to be able to specify the level of access they will have. Let's say user A can access pages 1,2&3 and user B can access pages 3,4&5. I would like to have check boxes that I can check to allow them access to the specified pages!
View Replies !
Access By User
I started to work with sessions and I have a doubt about users access. Is there a way to allow a group of users to do something that another group can't? I mean, I am giving the chance to interchange customers between branch managers, but I don't want the the personnel bellow manager can do it. So if this personnel enter the application made in php, they can see and do things different that the manager.
View Replies !
User Trying To Access
I am devloping a page which will have several domains parked on it so the user can access the page from one of several domains. My issue is I want to find out with PHP what url they entered to get to my script, I assume just getting the referer won't work so is their a way to get the url they typed in? Because the page is going to vary slightly depending on the domain so i need to get the domain they entered to pull the correct info from my db.
View Replies !
Know When User Tries To Access Php File
is there a way to detect if a user tries to access a php file? For instance, db.config.php is called in many php pages but should never actually be open directly. Is there a way to know if someone tried to open it directly? Also, i want to learn more about securing php/MySQL pages any good resources I should start with?...
View Replies !
Develop Internal Control System With PHP-MySql
I am NEWBIE & trying to develop internal control system with PHP-MySql & have one problem. I want to enter dynamic variable into MySql like : "I have checked report of Mr. $userName from $previousDate to $currentDate…..” Wherein - $username, $previousDate, $currentDate will be called from other table. My codes : PHP Code: INSERT INTO `checkReport ` (`schID`, `schNo`, `noteNo`, `subschName`, `content`) VALUES (1, 1, 'a', '', ' I have checked report of Mr. ‘.$username.’ from ‘.$previousDate.’ to ‘.$currentDate.’ ….) which is not working… Please guide me through.
View Replies !
Handling User Access Levels
I'm writing a website backend that will support several users, and every user will have a certain flag for whatever they have access to. I'm trying to come up with a good way to maintain this information. I was thinking about storing the answer as an integer and then to check flags, I would convert the integer to binary and compare that to a key. For example if my key is A=1, B=2, C=3, D=4 1011 would mean the user has access to A,B, and D. (read right to left) Which when stored, would be 11. This seems fine but my variable would have to be a rather large one. (I'm storing the data in a MySQL database) After the number of flags hit a certain size, I'd cap out. I'm guessing around 40 (maybe my math is just off) Anyone have any ideas one what the best way to handle this problem could be?
View Replies !
How To Limit The User Access To The Page
how to make a user management in php, i mean that i want to limit the user access to my page. the script will not allow 2 user have an access to my page at the same time. the script only allow 1 user to access the page. the second user will have the queue massage.
View Replies !
A Simple User Access Level
i am trying to do is just make a very simple user access level. Ill explain as much as i can for you to understand. In mysql db i have a simple table for users, with 4 fields; 1) id 2) username 3) password 4) access My login system works fine that isnt a problem, now in the access field what i am trying to do is in there either have "admin" or "member" depending on the user. The reason behind this is so in the php members area it echos different things depending on that users access (admin or member in the access field) Code:
View Replies !
Preventing Multiple User Access
I found a script which allows users to register to a site, by storing a username and password in a database table. The script already creates a session, but this only lets my webpages know who is logged in. I would like to know how to prevent a user logging in, when they are already logged in somewhere else. I thought maybe setting a field in the user record when they are logged in( set to Ƈ') . But then the only time that field would be set to 0 is if the user used the logout page. If they just exited the browser, my table would still have them as logged in.
View Replies !
|
TRACKER
