Good day! I created a webpages and i have a login page consist of Username and Department. And i encountered problem in adding event in my calendar. This is the flow of my webpage: First I have a separate table for the user and calendar. In my user table it has a Username, Department, and Permission. In the permission I put True or False, only one user i put True because i want that user is the one who permitted to add event or if she is login the add event link appear, but if other login the add event did not appear. This is my code in login: <?php session_start(); session_regenerate_id(); if($_SESSION['loggedin']){ //the user is already logged in, lets redirect them to the other page header("Location:company.php"); } //require_once 'conn.php'; $db_name="dspi"; mysql_connect("localhost", "root", "") or die("Cannot connect to server"); mysql_select_db("$db_name")or die("Cannot select DB"); $department = mysql_real_escape_string($_POST['department']); $username = mysql_real_escape_string($_POST['username']); $sql=mysql_query("SELECT `Department`, `Username` FROM `tbllogin` WHERE `Department` = '{$department}' AND Username = '{$username}'") or die(mysql_error()); $ct = mysql_num_rows($sql); if($ct == 1) { // im guessing this means that the user is valid. $_SESSION['loggedin'] = true; // now that the user is valid we change the session value. $row = mysql_fetch_assoc($sql); $_SESSION['username'] = $row['Username'] ; $_SESSION['department'] = $row['Department']; $Departments=array('Accounting', 'Engineering', 'Finishing_Goods', 'HRAD', 'MIS', 'Packaging_and_Design', 'Production', 'Purchasing_Logistic', 'QA_and_Technical', 'Supply_Chain'); if (in_array($row['Department'], $Departments)){ header ('Location:company.php'); }else{ echo "Incorrect Username or Department"; header ('Location:index.php'); } } ?> PHP: and this is my code in calendar page: <?php session_start(); $host = "localhost"; $username = ""; $password = ""; $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database'); $dbName = 'dspi'; mysql_select_db($dbName); ?> <html> <body> <script> function goLastMonth(month, year){ // If the month is January, decrement the year if(month == 1){ --year; month = 13; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year; } //next function function goNextMonth(month, year){ // If the month is December, increment the year if(month == 12){ ++year; month = 0; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year; } function remChars(txtControl, txtCount, intMaxLength) { if(txtControl.value.length > intMaxLength) txtControl.value = txtControl.value.substring(0, (intMaxLength-1)); else txtCount.value = intMaxLength - txtControl.value.length; } function checkFilled() { var filled = 0 var x = document.form1.calName.value; //x = x.replace(/^\s+/,""); // strip leading spaces if (x.length > 0) {filled ++} var y = document.form1.calDesc.value; //y = y.replace(/^s+/,""); // strip leading spaces if (y.length > 0) {filled ++} if (filled == 2) { document.getElementById("Submit").disabled = false; } else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased } </script> <?php //$todaysDate = date("n/j/Y"); //echo $todaysDate; // Get values from query string $day = (isset($_GET["day"])) ? $_GET['day'] : ""; $month = (isset($_GET["month"])) ? $_GET['month'] : ""; $year = (isset($_GET["year"])) ? $_GET['year'] : ""; //comparaters for today's date //$todaysDate = date("n/j/Y"); //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : ""; //$what = (isset($_GET["what"])) ? $_GET['what'] : ""; //$day = (!isset($day)) ? $day = date("j") : $day = ""; if(empty($day)){ $day = date("j"); } if(empty($month)){ $month = date("n"); } if(empty($year)){ $year = date("Y"); } //set up vars for calendar etc $currentTimeStamp = strtotime("$year-$month-$day"); $monthName = date("F", $currentTimeStamp); $numDays = date("t", $currentTimeStamp); $counter = 0; //$numEventsThisMonth = 0; //$hasEvent = false; //$todaysEvents = ""; //run a selec statement to hi-light the days function hiLightEvt($eMonth,$eDay,$eYear){ //$tDayName = date("l"); $todaysDate = date("n/j/Y"); $dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; if($todaysDate == $dateToCompare){ //$aClass = '<span>' . $tDayName . '</span>'; $aClass='class="today"'; }else{ //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; //echo $todaysDate; //return; $sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'"; //echo $sql; //return; $result = mysql_query($sql); while($row= mysql_fetch_array($result)){ if($row['eCount'] >=1){ $aClass = 'class="event"'; }elseif($row['eCount'] ==0){ $aClass ='class="normal"'; } } } return $aClass; } ?> <div id="Calendar_Event"> <table width="350" cellpadding="0" cellspacing="0"> <tr> <td width="50" colspan="1"> <input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);"> </td> <td width="250" colspan="5"> <span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br> </td> <td width="50" colspan="1" align="right"> <input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);"> </td> </tr> <tr> <th>M</td> <th>T</td> <th>W</td> <th>T</td> <th>F</td> <th>S</td> <th>S</td> </tr> <tr> <?php for($i = 1; $i < $numDays+1; $i++, $counter++){ $dateToCompare = $month . '/' . $i . '/' . $year; $timeStamp = strtotime("$year-$month-$i"); //echo $timeStamp . '<br/>'; if($i == 1){ // Workout when the first day of the month is $firstDay = date("N", $timeStamp); for($j = 1; $j < $firstDay; $j++, $counter++){ echo "<td> </td>"; } } if($counter % 7 == 0 ){ ?> </tr><tr> <?php } ?> <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> <?php } ?> </table> </div> <div id="New_Event"> <?php if(isset($_GET['v'])){ if(isset($_POST['Submit'])){ $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())"; mysql_query($sql); } $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'"; //echo $sql; //return; $result = mysql_query($sql); $numRows = mysql_num_rows($result); $check=mysql_query("SELECT * FROM tbllogin WHERE Username='xxx' AND Department='HRAD' AND Permission='True'"); mysql_fetch_array($check); if($check['Username']=='xxx' && $check['Department']=='HRAD'){ $_SESSION['isallowed'] = $check['Permission']; //if (mysql_num_rows($check)>0){ ?> <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a><?php }else{ echo 'You cannot Add New Event'; }?> </div> <div id="Cal_Event"> <?php if(isset($_GET['f'])){ include 'calform.php'; } if($numRows == 0 ){ echo ''; }else{ //echo '<ul>'; echo '<h3>Event Listed</h3>'; while($row = mysql_fetch_array($result)){ ?> <h5><?=$row['calName'];?></h5> <?=$row['calDesc'];?><br/> Listed On: <?=$row['calStamp'];?> <?php } } } ?> </div> </body> </html> PHP: In that code when the user log is xxx and when she click a date she want to add event the appear is "You cannot Add Event". I hope somebody can help me.. Thank you in advance...
Hi I have copied the code and I"ll let you know the solution for it after debugging it. Because the logic and code snippet looks pretty ok to me so lets check what is going wrong?.
Good day! Theres a changes in my calendar code and the result in my new code is in all user the add event link was appear: this is my new code in calendar <?php session_start(); $host = "localhost"; $username = ""; $password = ""; $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database'); $dbName = 'dspi'; mysql_select_db($dbName); ?> <html> <body> <script> function goLastMonth(month, year){ // If the month is January, decrement the year if(month == 1){ --year; month = 13; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year; } //next function function goNextMonth(month, year){ // If the month is December, increment the year if(month == 12){ ++year; month = 0; } document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year; } function remChars(txtControl, txtCount, intMaxLength) { if(txtControl.value.length > intMaxLength) txtControl.value = txtControl.value.substring(0, (intMaxLength-1)); else txtCount.value = intMaxLength - txtControl.value.length; } function checkFilled() { var filled = 0 var x = document.form1.calName.value; //x = x.replace(/^\s+/,""); // strip leading spaces if (x.length > 0) {filled ++} var y = document.form1.calDesc.value; //y = y.replace(/^s+/,""); // strip leading spaces if (y.length > 0) {filled ++} if (filled == 2) { document.getElementById("Submit").disabled = false; } else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased } </script> <?php //$todaysDate = date("n/j/Y"); //echo $todaysDate; // Get values from query string $day = (isset($_GET["day"])) ? $_GET['day'] : ""; $month = (isset($_GET["month"])) ? $_GET['month'] : ""; $year = (isset($_GET["year"])) ? $_GET['year'] : ""; //comparaters for today's date //$todaysDate = date("n/j/Y"); //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : ""; //$what = (isset($_GET["what"])) ? $_GET['what'] : ""; //$day = (!isset($day)) ? $day = date("j") : $day = ""; if(empty($day)){ $day = date("j"); } if(empty($month)){ $month = date("n"); } if(empty($year)){ $year = date("Y"); } //set up vars for calendar etc $currentTimeStamp = strtotime("$year-$month-$day"); $monthName = date("F", $currentTimeStamp); $numDays = date("t", $currentTimeStamp); $counter = 0; //$numEventsThisMonth = 0; //$hasEvent = false; //$todaysEvents = ""; //run a selec statement to hi-light the days function hiLightEvt($eMonth,$eDay,$eYear){ //$tDayName = date("l"); $todaysDate = date("n/j/Y"); $dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; if($todaysDate == $dateToCompare){ //$aClass = '<span>' . $tDayName . '</span>'; $aClass='class="today"'; }else{ //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear; //echo $todaysDate; //return; $sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'"; //echo $sql; //return; $result = mysql_query($sql); while($row= mysql_fetch_array($result)){ if($row['eCount'] >=1){ $aClass = 'class="event"'; }elseif($row['eCount'] ==0){ $aClass ='class="normal"'; } } } return $aClass; } ?> <div id="Calendar_Event"> <table width="350" cellpadding="0" cellspacing="0"> <tr> <td width="50" colspan="1"> <input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);"> </td> <td width="250" colspan="5"> <span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br> </td> <td width="50" colspan="1" align="right"> <input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);"> </td> </tr> <tr> <th>M</td> <th>T</td> <th>W</td> <th>T</td> <th>F</td> <th>S</td> <th>S</td> </tr> <tr> <?php for($i = 1; $i < $numDays+1; $i++, $counter++){ $dateToCompare = $month . '/' . $i . '/' . $year; $timeStamp = strtotime("$year-$month-$i"); //echo $timeStamp . '<br/>'; if($i == 1){ // Workout when the first day of the month is $firstDay = date("N", $timeStamp); for($j = 1; $j < $firstDay; $j++, $counter++){ echo "<td> </td>"; } } if($counter % 7 == 0 ){ ?> </tr><tr> <?php } ?> <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> <?php } ?> </table> </div> <div id="New_Event"> <?php if(isset($_GET['v'])){ if(isset($_POST['Submit'])){ $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())"; mysql_query($sql); } $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'"; //echo $sql; //return; $result = mysql_query($sql); $numRows = mysql_num_rows($result); $check1=mysql_query("SELECT * FROM tbllogin WHERE Username='maan.manalo@dunlop.ph' AND Department='HRAD' AND Permission='True'"); $check2 = mysql_fetch_array($check1); if($check2['Username']=='maan.manalo@dunlop.ph' && $check2['Department']=='HRAD'){ $_SESSION['isallowed'] = $check2['Permission']; //if (mysql_num_rows($check)>0){ ?> <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a><?php }else{ echo 'You cannot Add New Event'; }?> </div> <div id="Cal_Event"> <?php if(isset($_GET['f'])){ include 'calform.php'; } if($numRows == 0 ){ echo ''; }else{ //echo '<ul>'; echo '<h3>Event Listed</h3>'; while($row = mysql_fetch_array($result)){ ?> <h5><?=$row['calName'];?></h5> <?=$row['calDesc'];?><br/> Listed On: <?=$row['calStamp'];?> <?php } } } ?> </div> </body> </html> PHP: