[英]Fetch data based on the logged in user information from two different tables
I have a log-in form where the user input his username and password. 我有一个登录表单,用户可以在其中输入他的用户名和密码。 Every user has his gradelevel assign and section.
每个用户都有其年级分配和部分。
My main concern is my code cannot determine whose user is currently logged in so it cannot get the gradeassign and sectionassign of it so all of data from the tbl_students are displayed. 我主要关心的是我的代码无法确定当前登录的用户,因此无法获取其等级分配和部分分配,因此将显示tbl_students中的所有数据。
Hope you can help me with this. 希望你能帮我这个忙。 Thanks
谢谢
Here's the table structure 这是表格结构
tbl_user tbl_user
| id | Name | gradeassign | sectionassign | Username | Password
----------------------------------
| 1 | XXXX | 2 | 3 | xxx | xxx
| 2 | YYYY | 1 | 2 | |
| 3 | ZZZZ | 1 | 6 | |
tbl_students tbl_students
| id | Name | Grade | Section
----------------------------------
| 1 | George| 2 | 3
| 2 | YYYY | 1 | 2
| 3 | ZZZZ | 1 | 1
If the user XXX log-in, the result and date fetched must be: 如果用户是XXX登录,则获取的结果和日期必须是:
| id | Name | Grade | Section |
----------------------------------
| 1 | George | 2 | 3 |
Here's my code for the log-in session of the user. 这是我的用户登录会话代码。
<?php
require_once('connection.php');
session_start();
if(isset($_POST['Login']))
{
if(empty($_POST['Username']) || empty($_POST['Password']))
{
header("location:faculty.php?Empty=All fields are required");
}
else
{
$query="select * from facultyagain where Username='".$_POST['Username']."'
and Pass='".$_POST['Password']."'"; $result=mysqli_query($con,$query); 和Pass ='“。$ _ POST ['Password']。”'“; $ result = mysqli_query($ con,$ query);
if(mysqli_fetch_assoc($result))
{
$_SESSION['User']=$_POST['Username'];
header("location:faculty2.php");
}
else
{
header("location:faculty.php?Invalid= Unauthorized Access ");
}
}
}
else
{
echo 'Not Working Now Guys';
}
?>
--------Here's the query I've tried to fetch my desired result. --------这是我尝试获取所需结果的查询。
<?php
$connect = mysqli_connect("localhost", "root", "", "db");
$sql = "SELECT * FROM tbl_students INNER JOIN tbl_user WHERE
tbl_user.gradeassign =
tbl_students.grade AND tbl_user.sectionassign = tbl_students.section";
$result = mysqli_query($connect, $sql);
?>
<?php
if(mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
?>
<tr>
<td><?php echo $row["id"];?></td>
<td><?php echo $row["name"]; ?></td>
<td><?php echo $row["grade"]; ?></td>
<td><?php echo $row["section"]; ?></td>
</tr>
<?php
}
}
?>
You storing username
after login. 登录后存储
username
。 Please store userId
in session instead of
username. 请在会话中存储
userId
instead of
用户名。 Then try this query to fetch results. 然后尝试此查询以获取结果。
WARNING SQL QUERY IS VULNERABLE FOR SQL-INJECTION 警告 SQL查询可能会导致SQL注入
<?php
session_start();
$connect = mysqli_connect("localhost", "root", "", "db");
$current_user_id = $_SESSION['User'];
//I recommend you to validate session for empty or non authorized user.
$sql = "SELECT * FROM tbl_students WHERE tbl_students.id = '$current_user_id' INNER JOIN tbl_user ON tbl_user.id = tbl_students.id";
$result = mysqli_query($connect, $sql);
?>
<?php
if(mysqli_num_rows($result) > 0)
{
while($row = mysqli_fetch_array($result))
{
?>
<tr>
<td><?php echo $row["id"];?></td>
<td><?php echo $row["name"]; ?></td>
<td><?php echo $row["grade"]; ?></td>
<td><?php echo $row["section"]; ?></td>
</tr>
<?php
}
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.