[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: donate page



Salam,

what about this variable? Should i query:

if ($_SESSION[type]=='c')
	{
	// modify
	}

(Do i get only "core"-users this way?)

??? please, could someone, who knows the code answer?

salam.

Omar


On Wed, 17 Mar 2004 00:44:22 +0100, Omar Abo-Namous wrote:
> On Tue, 16 Mar 2004 15:08:22 -0800 (PST), Nadim Shaikli wrote:
>> --- Omar Abo-Namous <merlin12345 at gmx dot de> wrote:
>>> On Sun, 14 Mar 2004 19:00:34 -0600, Arafat Mohamed wrote:
>>>> We really need to store the data in mysql. In fact there already
>>>> exists a table which we'd like modified to support this
>>>> functionality.
>>>> The table is donate. I'm thinking create a new table based on
>>>> donate
>>>> called finances (or something). Import data from donate into
>>>> finance
>>>> and make any changes on the site to use the new table.
>>>
>>> ok, would you like to have a look:
>>>
>>> http://www.toomuchcookies.net/~arabeyes/dontable/test.php
>>
>> Looks pretty close to what I had in mind, yet I wasn't able to enter
>> any fields since I wasn't sure what field related to what and I
>> didn't
>> want to fill your db with garbage.  In all, looks nice :-)
>>
>>> it's only the Donations()-function from the output.inc.php-file
>>> reedited.
>>>
>>> add/delete-func should be for admin only. How is this sort of
>>> thing
>>> managed on arabeyes? Is there any "auth"-variable i can query??
>>
>> Someone should really CVS checkin a template of the tables we use
>> within mysql (ie. with NO content) so that people willing to help
>> can really see the tables, rows and columns available for their
>> access.
>>
>> Omar, there is a login feature within the PHP code and so the
>> donations
>> should only be accessible (for write/modify) by 'core' staff
>> members.
>>
>
> who knows whether the column [type] is what nadim means? i need to
> know what exactly would be written in this $_SESSION[type] variable.
> (I'm only guessing it's a 'c' ???).
>
> thnx
>
> here's the code-snippet i'm referring to
>
> if (isset($_POST[uname]) && isset($_POST[pass]))
> {
> $QueryResult = mysql_query("select * from user where
> username='$_POST[uname]' and pass=PASSWORD('$_POST[pass]')");
> if(mysql_num_rows($QueryResult) == 1)
> {
> $QueryRow = mysql_fetch_array($QueryResult);
>
> $_SESSION[username] = $QueryRow[username];
> $_SESSION[user_id] = $QueryRow[id];
> $_SESSION[type] = $QueryRow[type];
>
> mysql_query("update user set lastlogin='".GetUTCTimeStamp()."'
> where username='$_POST[uname]'");
>
> header("Location: ". $hosturl);
> }
> ..
>
> Omar
>
>
>> Salam and keep at it.
>>
>> - Nadim
>>
>>
>> __________________________________
>> Do you Yahoo!?
>> Yahoo! Mail - More reliable, more storage, less spam
>> http://mail.yahoo.com
>> _______________________________________________
>> Admin mailing list
>> Admin at arabeyes dot org
>> http://lists.arabeyes.org/mailman/listinfo/admin


--
Omar Abo-Namous, merlin12345 at gmx dot de on 21.03.2004