私は列を持つ1つのユーザーテーブルを持っています:ユーザーID、ユーザー名、パスワード、電子メール、同意_1、コメント_1、同意_2、コメント_2、..........以下はDREAMWEAVERによって生成されたコードです、それはページへのアクセスを制限します、ログインしている場合にのみアクセスできます。また、DREAMWEAVER によって作成されたレコード セット クエリでユーザー テーブルを更新します。
<?php
if (!isset($_SESSION)) { session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username setequal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE users SET Agree_50=%s, comment_50=%s, Agree_51=%s, comment_51=%s, Agree_52=%s, comment_52=%s, Agree_53=%s, comment_53=%s, Agree_54=%s, comment_54=%s, Agree_55=%s, comment_55=%s, Agree_56=%s, comment_56=%s, Agree_57=%s, comment_57=%s, Agree_58=%s, comment_58=%s, Agree_59=%s, comment_59=%s, Agree_60=%s, comment_60=%s, Agree_61=%s, comment_61=%s, Agree_62=%s, comment_62=%s, Agree_63=%s, comment_63=%s, Agree_64=%s, comment_64=%s, Agree_65=%s, comment_65=%s, Agree_66=%s, comment_66=%s, Agree_67=%s, comment_67=%s, Agree_68=%s, comment_68=%s, Agree_69=%s, comment_69=%s, Agree_70=%s, comment_70=%s, Agree_71=%s, comment_71=%s, Agree_72=%s, comment_72=%s, Agree_73=%s, comment_73=%s, Agree_74=%s, comment_74=%s, Agree_75=%s, comment_75=%s, Agree_76=%s, comment_76=%s, Agree_77=%s, comment_77=%s, Agree_78a=%s, comment_78a=%s, Agree_79a=%s, comment_79a=%s, Agree_78b=%s, comment_78b=%s, Agree_79b=%s, comment_79b=%s, Agree_80=%s, comment_80=%s, Agree_81=%s, comment_81=%s, Agree_82=%s, comment_82=%s, Agree_83=%s, comment_83=%s, Agree_84=%s, comment_84=%s, Agree_85=%s, comment_85=%s, Agree_86=%s, comment_86=%s, Agree_87=%s, comment_87=%s, Agree_88=%s, comment_88=%s, Agree_89=%s, comment_89=%s, Agree_90=%s, comment_90=%s, Agree_91=%s, comment_91=%s, Agree_92=%s, comment_92=%s, Agree_93=%s, comment_93=%s, Agree_94=%s, comment_94=%s, Agree_95=%s, comment_95=%s, Agree_96=%s, comment_96=%s, Agree_97=%s, comment_97=%s, Agree_98=%s, comment_98=%s, Agree_99=%s, comment_99=%s, Agree_100=%s, comment_100=%s WHERE id=%s",
GetSQLValueString($_POST['grp_50'], "text"),
GetSQLValueString($_POST['text_50'], "text"),
GetSQLValueString($_POST['grp_51'], "text"),
GetSQLValueString($_POST['text_51'], "text"),
GetSQLValueString($_POST['grp_52'], "text"),
GetSQLValueString($_POST['text_52'], "text"),
GetSQLValueString($_POST['grp_53'], "text"),
GetSQLValueString($_POST['text_53'], "text"),
GetSQLValueString($_POST['grp_54'], "text"),
GetSQLValueString($_POST['text_54'], "text"),
GetSQLValueString($_POST['grp_55'], "text"),
GetSQLValueString($_POST['text_55'], "text"),
GetSQLValueString($_POST['grp_56'], "text"),
GetSQLValueString($_POST['text_56'], "text"),
GetSQLValueString($_POST['grp_57'], "text"),
GetSQLValueString($_POST['text_57'], "text"),
GetSQLValueString($_POST['grp_58'], "text"),
GetSQLValueString($_POST['text_58'], "text"),
GetSQLValueString($_POST['grp_59'], "text"),
GetSQLValueString($_POST['text_59'], "text"),
GetSQLValueString($_POST['grp_60'], "text"),
GetSQLValueString($_POST['text_60'], "text"),
GetSQLValueString($_POST['grp_61'], "text"),
GetSQLValueString($_POST['text_61'], "text"),
GetSQLValueString($_POST['grp_62'], "text"),
GetSQLValueString($_POST['text_62'], "text"),
GetSQLValueString($_POST['grp_63'], "text"),
GetSQLValueString($_POST['text_63'], "text"),
GetSQLValueString($_POST['grp_64'], "text"),
GetSQLValueString($_POST['text_64'], "text"),
GetSQLValueString($_POST['grp_65'], "text"),
GetSQLValueString($_POST['text_65'], "text"),
GetSQLValueString($_POST['grp_66'], "text"),
GetSQLValueString($_POST['text_66'], "text"),
GetSQLValueString($_POST['grp_67'], "text"),
GetSQLValueString($_POST['text_67'], "text"),
GetSQLValueString($_POST['grp_68'], "text"),
GetSQLValueString($_POST['text_68'], "text"),
GetSQLValueString($_POST['grp_69'], "text"),
GetSQLValueString($_POST['text_69'], "text"),
GetSQLValueString($_POST['grp_70'], "text"),
GetSQLValueString($_POST['text_70'], "text"),
GetSQLValueString($_POST['grp_71'], "text"),
GetSQLValueString($_POST['text_71'], "text"),
GetSQLValueString($_POST['grp_72'], "text"),
GetSQLValueString($_POST['text_72'], "text"),
GetSQLValueString($_POST['grp_73'], "text"),
GetSQLValueString($_POST['text_73'], "text"),
GetSQLValueString($_POST['grp_74'], "text"),
GetSQLValueString($_POST['text_74'], "text"),
GetSQLValueString($_POST['grp_75'], "text"),
GetSQLValueString($_POST['text_75'], "text"),
GetSQLValueString($_POST['grp_76'], "text"),
GetSQLValueString($_POST['text_76'], "text"),
GetSQLValueString($_POST['grp_77'], "text"),
GetSQLValueString($_POST['text_77'], "text"),
GetSQLValueString($_POST['grp_78a'], "text"),
GetSQLValueString($_POST['text_78a'], "text"),
GetSQLValueString($_POST['grp_79a'], "text"),
GetSQLValueString($_POST['text_79a'], "text"),
GetSQLValueString($_POST['grp_78b'], "text"),
GetSQLValueString($_POST['text_78b'], "text"),
GetSQLValueString($_POST['grp_79b'], "text"),
GetSQLValueString($_POST['text_79b'], "text"),
GetSQLValueString($_POST['grp_80'], "text"),
GetSQLValueString($_POST['text_80'], "text"),
GetSQLValueString($_POST['grp_81'], "text"),
GetSQLValueString($_POST['text_81'], "text"),
GetSQLValueString($_POST['grp_82'], "text"),
GetSQLValueString($_POST['text_82'], "text"),
GetSQLValueString($_POST['grp_83'], "text"),
GetSQLValueString($_POST['text_83'], "text"),
GetSQLValueString($_POST['grp_84'], "text"),
GetSQLValueString($_POST['text_84'], "text"),
GetSQLValueString($_POST['grp_85'], "text"),
GetSQLValueString($_POST['text_85'], "text"),
GetSQLValueString($_POST['grp_86'], "text"),
GetSQLValueString($_POST['text_86'], "text"),
GetSQLValueString($_POST['grp_87'], "text"),
GetSQLValueString($_POST['text_87'], "text"),
GetSQLValueString($_POST['grp_88'], "text"),
GetSQLValueString($_POST['text_88'], "text"),
GetSQLValueString($_POST['grp_89'], "text"),
GetSQLValueString($_POST['text_89'], "text"),
GetSQLValueString($_POST['grp_90'], "text"),
GetSQLValueString($_POST['text_90'], "text"),
GetSQLValueString($_POST['grp_91'], "text"),
GetSQLValueString($_POST['text_91'], "text"),
GetSQLValueString($_POST['grp_92'], "text"),
GetSQLValueString($_POST['text_92'], "text"),
GetSQLValueString($_POST['grp_93'], "text"),
GetSQLValueString($_POST['text_93'], "text"),
GetSQLValueString($_POST['grp_94'], "text"),
GetSQLValueString($_POST['text_94'], "text"),
GetSQLValueString($_POST['grp_95'], "text"),
GetSQLValueString($_POST['text_95'], "text"),
GetSQLValueString($_POST['grp_96'], "text"),
GetSQLValueString($_POST['text_96'], "text"),
GetSQLValueString($_POST['grp_97'], "text"),
GetSQLValueString($_POST['text_97'], "text"),
GetSQLValueString($_POST['grp_98'], "text"),
GetSQLValueString($_POST['text_98'], "text"),
GetSQLValueString($_POST['grp_99'], "text"),
GetSQLValueString($_POST['text_99'], "text"),
GetSQLValueString($_POST['grp_100'], "text"),
GetSQLValueString($_POST['text_100'], "text"),
GetSQLValueString($_POST['id1'], "int"));
mysql_select_db($database_NAWFIA_1, $NAWFIA_1);
$Result1 = mysql_query($updateSQL, $NAWFIA_1) or die(mysql_error());
$updateGoTo = "draft_chapter3_success.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
mysql_select_db($database_NAWFIA_1, $NAWFIA_1);
$query_Recordset1 = "SELECT id, Agree_50, comment_50, Agree_51, comment_51, Agree_52, comment_52, Agree_53, comment_53, Agree_54, comment_54, Agree_55, comment_55, Agree_56, comment_56, Agree_57, comment_57, Agree_58, comment_58, Agree_59, comment_59, Agree_60, comment_60, Agree_61, comment_61, Agree_62, comment_62, Agree_63, comment_63, Agree_64, comment_64, Agree_65, comment_65, Agree_66, comment_66, Agree_67, comment_67, Agree_68, comment_68, Agree_69, comment_69, Agree_70, comment_70, Agree_71, comment_71, Agree_72, comment_72, Agree_73, comment_73, Agree_74, comment_74, Agree_75, comment_75, Agree_76, comment_76, Agree_77, comment_77, Agree_78a, comment_78a, Agree_79a, comment_79a, Agree_78b, comment_78b, Agree_79b, comment_79b, Agree_80, comment_80, Agree_81, comment_81, Agree_82, comment_82, Agree_83, comment_83, Agree_84, comment_84, Agree_85, comment_85, Agree_86, comment_86, Agree_87, comment_87, Agree_88, comment_88, Agree_89, comment_89, Agree_90, comment_90, Agree_91, comment_91, Agree_92, comment_92, Agree_93, comment_93, Agree_94, comment_94, Agree_95, comment_95, Agree_96, comment_96, Agree_97, comment_97, Agree_98, comment_98, Agree_99, comment_99, Agree_100, comment_100 FROM users WHERE users.id";
$Recordset1 = mysql_query($query_Recordset1, $NAWFIA_1) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
これは機能します。ユーザー ID 1 でログインすると、テーブルのコメント行が正常に更新されますが、ログアウトして ID が 2 または 3 の別のユーザーでログインすると、ユーザー ID 1 が更新されます。助けが必要ですログインしたユーザーの行を更新する方法について。