1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 12:37 pm Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

How get clientid into quotes table so view quotes only one client

         

Orangutang

4:58 pm on Jul 13, 2010 (gmt 0)

10+ Year Member



Table clients = clientid (PK, AI), email usename, pw
Table quotes = quoteid (PK, AI), client id, fromcompany, other details

Process = Login, navigate to raisequote page an send - I return page with confirmation with the quoteid using $quoteid = mysql_insert_id()

Log Out.

Log in, navigate to allquotes but displays all the quotes from all clients and thats my problem.

Please can someone tell me how to only show quotes from that client.

IE - How do I get the clientid from the clients table into the quotes table (clientid) field so i can run the query.

Even any pointers as to how would be really helpful

Many thanks

mack

5:06 pm on Jul 13, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



You would need to have the ID for the client assigned to the page. If its a simple link that takes you to the page you could pass the id via the url. Then when you do your mysql select add a where clause so that only quotes from a certain client are displayed.

select * from tablename where clientid = something

Mack.

Orangutang

5:27 pm on Jul 13, 2010 (gmt 0)

10+ Year Member



Hi Mack,

Thank you and understood, pass the id via the url. If I may clarify to be sure to be sure......

Clients logs in a clicks around site then go to quotes and clicks allquotes.

When the client logs in I store their username as a session variable and echo it out on every page.

Pass the id via the url is different to this I assume - Please can you give me pointer.

rocknbil

6:19 pm on Jul 13, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



pass the id via the url


I wouldn't reveal the "client id" anywhere unless you absolutely have to (however, if you don't want your system to rely on PHP sessions, you might want to.) On login,

store their username as a session variable


Store the client id in a session variable as well.

$_SESSION['logged_in_user'] = $whatever_the_user_is;

Clients logs in a clicks around site then go to quotes and clicks allquotes.


<a href="allquotes.php">All Quotes</a>

if (! isset($_SESSION['logged_in_user']) or (isset($_SESSION['logged_in_user']) and ! ($_SESSION['logged_in_user'] > 0))) {
die("Invalid client id");
}

$query = "select * from quotes where clientid=" . $_SESSION['logged_in_user'];

Don't pass it in a url, don't show it on any pages unless you absolutely have to.

mack

7:38 pm on Jul 13, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Rocknbill spot on, I misunderstood it was the client that was logging in. I thought it was you (Orangutang). Sessions would certainly be a good way to go.

I think the key is never trust the users. If there is something in the url, then thats one thing more than they need to know.

Mack.

Orangutang

11:37 am on Jul 14, 2010 (gmt 0)

10+ Year Member



Hi Rocknbill, Mack,

Thanks for your help and I understand your logic of passing data via the url vs creating a session.

Even though I have understood the logic of the session variable, start session, register session, then use that session to stipulate what data the query will retrieve I still have syntax blanks that I would appreciate a bit more help with.

Problem 1 - Below is my login start session code:

$queryget = mysql_query("SELECT * FROM clients WHERE username='$username' AND password='$password'");
$numrows = mysql_num_rows($queryget);
if ($numrows != 0)
{
$_SESSION['username'] = $username;
$_SESSION['logged_in_user'] = $whatever_the_user_is;

echo "You are logged in. <a href='clientscontrolpanel.php'>Click here to go to the Control Panel.</a>"

Please could you let me know what the values should be ['logged_in_user']is a name that I create for the session, eg say: user and $whatever_the_user_is ?

My users table has Col1 clientid (PK,AI), Col2 email, Col3 username, Col4 password.

My username is Steve and this is what I echo out on every page. As I understand I started a session for username that = $username an when I echo $username Steve is displayed which is the username in the db.

Problem 2 - Could you clarify I have the if statement in teh correct place:

The <a href="allquotes.php">All Quotes</a> link is on the "quotes.php" page. They click that and arrive at the "allquotes.php" page where the following code has been implemented.

<tr><td width='20%'><b><u>All Quotes</u></b></td><td>&nbsp</td></tr>

<?php

if (! isset($_SESSION['logged_in_user']) or (isset($_SESSION['logged_in_user']) and ! ($_SESSION['logged_in_user'] > 0)))
{
die("Invalid client id");
}
$query = "SELECT * from quotes where clientid=" . $_SESSION['logged_in_user'];

// Execute the query here now
$query = mysql_query($sqlCommand) or die (mysql_error());
$quoteid = mysql_insert_id();

// Output the data here using a while loop, the loop will return all members
while ($row = mysql_fetch_array($query))
{
// Gather all $row values into local variables for easier usage in output

$quoteid = $row["quoteid"];
$clientid = $row['clientid'];
$fromcompany = $row['fromcompany'];
$fromcontact = $row['fromcontact'];

Then echo to browser.........

If you could please give me an example of the values for: ['logged_in_user'] and $whatever_the_user_is

And clarify I have inserted the If statement in the correct place I will hopefully have this nugget understood.

Many thanks

Orangutang

11:38 am on Jul 14, 2010 (gmt 0)

10+ Year Member



Hi Rocknbill, Mack,

Thanks for your help and I understand your logic of passing data via the url vs creating a session.

Even though I have understood the logic of the session variable, start session, register session, then use that session to stipulate what data the query will retrieve I still have syntax blanks that I would appreciate a bit more help with.

Problem 1 - Below is my login start session code:

$queryget = mysql_query("SELECT * FROM clients WHERE username='$username' AND password='$password'");
$numrows = mysql_num_rows($queryget);
if ($numrows != 0)
{
$_SESSION['username'] = $username;
$_SESSION['logged_in_user'] = $whatever_the_user_is;

echo "You are logged in. <a href='clientscontrolpanel.php'>Click here to go to the Control Panel.</a>"

Please could you let me know what the values should be ['logged_in_user']is a name that I create for the session, eg say: user and $whatever_the_user_is ?

My users table has Col1 clientid (PK,AI), Col2 email, Col3 username, Col4 password.

My username is Steve and this is what I echo out on every page. As I understand I started a session for username that = $username an when I echo $username Steve is displayed which is the username in the db.

Problem 2 - Could you clarify I have the if statement in teh correct place:

The <a href="allquotes.php">All Quotes</a> link is on the "quotes.php" page. They click that and arrive at the "allquotes.php" page where the following code has been implemented.

<tr><td width='20%'><b><u>All Quotes</u></b></td><td>&nbsp</td></tr>

<?php

if (! isset($_SESSION['logged_in_user']) or (isset($_SESSION['logged_in_user']) and ! ($_SESSION['logged_in_user'] > 0)))
{
die("Invalid client id");
}
$query = "SELECT * from quotes where clientid=" . $_SESSION['logged_in_user'];

// Execute the query here now
$query = mysql_query($sqlCommand) or die (mysql_error());
$quoteid = mysql_insert_id();

// Output the data here using a while loop, the loop will return all members
while ($row = mysql_fetch_array($query))
{
// Gather all $row values into local variables for easier usage in output

$quoteid = $row["quoteid"];
$clientid = $row['clientid'];
$fromcompany = $row['fromcompany'];
$fromcontact = $row['fromcontact'];

Then echo to browser.........

If you could please give me an example of the values for: ['logged_in_user'] and $whatever_the_user_is

And clarify I have inserted the If statement in the correct place I will hopefully have this nugget understood.

Many thanks
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 12:37 pm Apr 28, 2026