Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1

    Restriction check


    Hi guys,
    I have made a field in my sql where it will be stored ids of members that will have access to certain articles from the site.
    The field is in TEXT and all the ids stored are separated with a comma. (id,id,id,.. and so on)
    I'm trying to make a check so that if the member id is not present wont have access to the article.
    I have tried with if ($row["allowid"] != $CURUSER["id"]) and also with if ($row["allowid"] !== $CURUSER["id"]) but it seems it doesn't do nothing.
    I guess this works only if there is a single id present in the field.
    My stupid question is how should i do the check if in the field are multiple ids separated with a comma? I have never run into this before.
    Thank you
  2. #2
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    Do not store multiple data in the same column! Look up and learn about Database Normalization.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    This is not what i meant
  6. #4
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    This is exactly what you said

    all the ids stored are separated with a comma. (id,id,id,.. and so on)
    That is a big NO, NO. Until you fix your database design there is no point doing anything else.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    But i saw many examples like this. Also i say some array from a sql variable and perhaps that is what i need
    if (!in_array) of something.. but from the values of that particular field
  10. #6
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    But i saw many examples like this.
    I believe you. There are tons of bad code examples and "tutorials" written by people who have no business writing a tutorial on the internet.

    I assume you want your application to be done correctly. With that in mind you should start from the beginning by providing an SQL dump of your DB with a handful of sample records as well as your registration and login code. If the DB is not right, all the code you ever write to interact with it will be wrong.

    You have an opportunity here to have your project reviewed by many experts with many years of experience at no cost. It would be wise to take advantage of that. Rather than guessing at what you might need to do, allow us to tell you, then you can implement it.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    Fair enough..this is what i got so far

    PHP Code:
    ALTER TABLE `articlesADD `allowidTEXT NULL DEFAULT NULL;

    $result mysqli_query($GLOBALS["___mysqli_ston"], "SELECT allowid FROM articles WHERE id =".sqlesc($id)) or sqlerr(__FILE____LINE__);
    $cats = array();
    while (
    $rowc=mysqli_fetch_array($result)){
    $cats[] = $rowc['allowid'];
    }
    if (!(
    in_array($CURUSER['id'],$cats))){
    stderr("Access Required""Special access is required to access this!");

    i dont get any error, but it doesn't recognize the id properly. i am using an account which should have access to the article but it gives access denied
  14. #8
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    Yeah, we better forget about that code for now. Can you post an SQL dump of your DB?
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    entire SQL or just this table/field?
  18. #10
  19. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    The whole thing so I can recreate and run on my end.
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    https://pastebin.com/h4zMR8H5

    I just put the table in cause with the data in cause. Other tables are not involved so not needed.
  22. #12
  23. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    Lets see, I ask for the whole database and you give me ONE table that YOU think I should have and then decided for me that I don't need anything else. I could have sworn you read post #6
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    You don't need other tables since they aren't involved in the process i want to make. It's a waste of time.
    You joined here since May 2017 and have only 24 posts. No thank you.
  26. #14
  27. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2017
    Location
    Worldwide
    Posts
    34
    Rep Power
    1
    Perhaps you should check the other forums where I have thousands of posts and a very well established reputation as an expert to back up my 25+ years experience as a Software Engineer, but you know better right? The only waste of time was mine trying to help you. You will go far burning bridges with experts on the forums.

    FYI: A post count has absolutely nothing to do with how much someone knows about something. Your on your own dude.
  28. #15
  29. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    75
    Rep Power
    1
    Stop post in this topic. Thank you.
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo