[FX.php List] Passing Data 101...Again.

Jonathan Schwartz jonathan at eschwartz.com
Fri Sep 16 01:23:15 MDT 2005 

>
>
>BTW, the "really simple answer" is different for different people.
>You run the risk of offending someone trying to help, and probably 
>can if they are responding.  Just a friendly comment....

Sorry for the inappropriate words.  You're 100% right.  I'm a little 
tired and frustrated.

Here are the three pages of code: Logon.php, Logon_Validate.php and 
Detail.php.    The third page, Detail.php was lifted from another 
solution and has extraneous functionality.  In short, I want to 
create a "secure" solution where users can access their own records, 
but not guess URL that can access other's records.

Thanks for the help.

Jonathan
----------------------------------------------
Logon.php
<html>
<head>
	<title>Log in to Mill Valley School District Directory</title>

</head>
<body>
<?php
include_once("includes/header.php");
?>

<br /><br />
<?

if ($msg) {
	echo "<center>$msg</center><br /><br />";
}
?>

<form action='logon_validate.php' method='post'>

<table width='60%' border='0' align='center'>
	<tr>
		<td colspan='2' align='center'>Please enter username 
and password to edit your Student Directory information<br /><br 
/></td>
	</tr>
	<tr>
		<td>Username:</td>
		<td><input type='text' name='name'></td>
	</tr>
	<tr>
		<td>Password:</td>
		<td><input type='password' name='pw'></td>
	</tr>
	<tr>
		<td colspan='2' align='center'><input type='submit' 
name='submit' value='submit'></td>
	</tr>

</table>
</form>
</body>
</html>:
-----------------------------------------------------------------------------
Logon_Validate.php:

<?
include ("FX/FX.php");
include ("prefs.php");
//include ("session_handler.php");


$query = new FX($serverIP, $port);

$query->SetDBData ('parents.fp5', 'web');

$query->AddDBParam ('username', $_POST['name'], 'eq');
$query->AddDBParam ('password', $_POST['pw'], 'eq');

$result = $query->FMFind();

?>
<font color="red" style="Strong">

<?
if ($_POST['name'] == "" || $_POST['pw'] == "") {
     $msg= 'Please fill in both fields.';
     include_once ("logon.php");
			exit;
}  else { $msg =" ";

?>
</font>
<?

}

if ($result['foundCount'] == 1) {
	//session_set_save_handler("sess_open","sess_close","sess_read","sess_write","sess_destroy","sess_gc");
	//setcookie("sid");
	//session_start();


	//if ($exp) {
			//$msg = "Your session has expired.  You must 
login again.";
			//include_once ("logon.php");
			//exit;
	//}

	//$recID = current($result['data']);

	//session_register("sessWalkerID");
	//session_register("sessWalkerName");

	//$sessWalkerID = $recID['parentid'][0];
	//$sessWalkerName = $recID['last'][0];

	include_once ("includes/header.php");
	echo "Logging in... one moment please";
	echo "<meta http-equiv=refresh content=\"1;url=detail.php\">";


	exit;


} else {
	$msg = "Unsucessful login attempt.  Please try again.";
	include ("logon.php");

}

?>

----------------------------------------------------------------------------------------
Detail.php:

<html>
<head>
<title>Mill Valley School District Student Directory</title>
<link href="web_style.css" rel="stylesheet" type="text/css">
<?php
include_once('FX/FX.php');
include_once('FX/FMErrors.php');
include_once('FX/server_data.php');

$recid=$_GET[recid];


$findrecord=new FX($serverIP,$webCompanionPort);
$findrecord->SetDBData('parents.fp5','web');
$findrecord->AddDBParam('-recid',$recid);


$findResult=$findrecord->FMFind();
foreach($findResult['data'] as $key=>$findData)




$lists=new FX($serverIP,$webCompanionPort);
$lists->SetDBData('parents.fp5','web');
$listsResult=$lists->FMView();

$search2=new FX($serverIP,$webCompanionPort);
$search2->SetDBData('parents.fp5','web');
$search2->AddDBParam('parentid',$findData['parentid'][0]);
$search2Result=$search2->FMFind();
foreach($findResult['data'] as $key=>$findData)


$search3=new FX($serverIP,$webCompanionPort);
$search3->SetDBData('students.fp5','web');
$search3->AddDBParam('parentid',$findData['parentid'][0]);
$search3Result=$search3->FMFind();
foreach($findResult['data'] as $key=>$findData)
?>


</head>

<body>
<?php
include_once("includes/header.php");
?>

<p>This is the current information on file.  Click EDIT to change.</p>


<table width="80%" border="0" cellspacing="3" cellpadding="0">
   <tr class="ver12">
     <td width="15%"><div align="right">First Name</div>
     </td>
     <td></td>
     <td><?php echo $findData['first'][0]; ?>
     </td>
   </tr>
   <tr class="ver12">
     <td><div align="right">Last Name</div>
     </td>
       <td></td>
     <td><?php echo $findData['last'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">Street</div>
     </td>
     <td></td>
     <td><?php echo $findData['Street'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">City</div>
     </td>
     <td></td>
     <td><?php echo $findData['City'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">State</div>
     </td>
     <td></td>
     <td><?php echo $findData['State'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">Zip</div>
     </td>
     <td></td>
     <td><?php echo $findData['Zip'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">Home Phone</div>
     </td>
     <td></td>
     <td><?php echo $findData['PhoneHome'][0]; ?>
     </td>
   </tr>
     <tr class="ver12">
   <td width="15%"><div align="right">Email</div>
     </td>
     <td></td>
     <td><?php echo $findData['email'][0]; ?>
     </td>
   </tr>
</table>
<p>&nbsp;</p>
<a href="edit.php?recid=<?php
$recordDetails=explode('.',$key);
$currentRecord=$recordDetails[0];
echo $currentRecord;
  ?>">EDIT</a>

  <p>&nbsp;</p>
  <a href="edit.php?parentid=<?php
$recordDetails=explode('.',$key);
$currentRecord=$recordDetails[0];
echo $currentRecord;
  ?>">EDIT</a>

Students Records <?php echo $search2Result['foundCount']; ?>
<table>
<tr>
<?php foreach($search2Result['data'] as $key=>$search2Data) { ?>
<td><?php echo $search2Data['first'][0]; ?> </td>
<td><?php echo $search2Data['last'][0]; ?> </td>
</tr>
<?php  } ?>
</table>

<p>&nbsp;</p>
Found Records <?php echo $search3Result['foundCount']; ?>
<table>
<tr>
<?php foreach($search3Result['data'] as $key=>$search3Data) { ?>
<td><?php echo $search3Data['StudentNameFirst'][0]; ?> </td>
<td><?php echo $search3Data['StudentNameLast'][0]; ?> </td>
<td><?php echo $search3Data['Grade'][0]; ?> </td>
</tr>
<?php  } ?>
</table>

</body>
</html>

-----------------------------------------------------------------------







































-- 

Jonathan Schwartz
Schwartz & Company
817 Marin Drive
Mill Valley, CA 94941
Phone: 415-381-1852
jonathan at eschwartz.com - http://www.eschwartz.com

More information about the FX.php_List mailing list