Restriction in Adding Events

Discussion in 'PHP' started by rhodarose, Sep 5, 2010.

  1. #1
    I want to share a problem with my website.

    For a better understanding of my website, I want to give all the details.

    1. I have a database and it has 2 tables: one is tbllogin, which consists of Username and Department, and the second table is caltbl, which I use for the calendar events.

    2. When my website runs, the first webpage is the login form. If the Username and Department are correct, she can browse the other webpages, like the calendar event.

    3. In the calendar event you can see the calendar, and when you click a date a link "new event" appears, and if there is no existing event there is a text saying "No Events". When you click the link you can add events. I want only a specific person to be able to add events, as a restriction on adding events. I want it so that if the user is xxx and her department is yyy, the link should appear and she can add events. I want the link to appear only for her.

    Here is the code:
    
    <?php
    $host = "localhost";
    
    	$username = "";
    
    	$password = "";
    
    	$dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database');
    
    	$dbName = 'dspi';
    
    	mysql_select_db($dbName);	
    ?>
    
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>DSPI CALENDAR EVENTS</title>
    <script>
    function goLastMonth(month, year){
    // If the month is January, decrement the year
    if(month == 1){
    --year;
    month = 13;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;
    }
    //next function
    function goNextMonth(month, year){
    // If the month is December, increment the year
    if(month == 12){
    ++year;
    month = 0;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;
    } 
    
    function remChars(txtControl, txtCount, intMaxLength)
    {
    if(txtControl.value.length > intMaxLength)
    txtControl.value = txtControl.value.substring(0, (intMaxLength-1));
    else
    txtCount.value = intMaxLength - txtControl.value.length;
    }
    
    function checkFilled() {
    var filled = 0
    var x = document.form1.calName.value;
    //x = x.replace(/^\s+/,""); // strip leading spaces
    if (x.length > 0) {filled ++}
    
    var y = document.form1.calDesc.value;
    //y = y.replace(/^s+/,""); // strip leading spaces
    if (y.length > 0) {filled ++}
    
    if (filled == 2) {
    document.getElementById("Submit").disabled = false;
    }
    else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased
    
    }
    
    </script>
    <style>
    body{
    background-image: url(layout_image/bgroundv09.png);
    background-attachment: fixed; 
    font-family:Georgia, "Times New Roman", Times, serif;
    font-size:16px;
    }
    .today{
    /*background-color:#00CCCC;*/
    font-weight:bold;
    font-style:italic;
    border-bottom-style:dashed;
    background-image:url(calBg.jpg);
    background-repeat:no-repeat;
    background-position:center;
    position:relative;
    color:#FFFF00;
    }
    .today span{
    position:absolute;
    left:0;
    top:0; 
    }
    
    .today a{
    color:#FFFF00;
    padding-top:10px;
    }
    .selected {
    color: #FFFFFF;
    background-color: #C00000;
    }
    .event {
    /*background-color: #C6D1DC;*/
    /*border:1px solid #ffffff;*/
    background-image:url(layout_image/boxv01.png);
    border: 1px ;
    /*border-bottom-style:dashed;*/
    /*border color #427e1a;*/
    } 
    .normal {
    
    } 
    table{
    border:1px solid #cccccc;
    padding:3px;
    }
    th{
    width:36px;
    background-color:#bcdd24;
    text-align:center;
    color:#ffffff;
    border-left:1px solid #ffffff;
    }
    td{
    text-align:center;
    padding:8px;
    margin:0;
    }
    table.tableClass{
    width:350px;
    border:none;
    border-collapse: collapse;
    font-size:85%;
    border:1px dotted #cccccc;
    }
    table.tableClass input,textarea{
    font-size:90%;
    }
    #form1{
    margin:5px 0 0 0;
    }
    #greyBox{
    height:10px;
    width:10px;
    background-color:#C6D1DC;
    border:1px solid #666666;
    margin:5px;
    }
    #hr{border-bottom:1px solid #cccccc;width:300px;}
    .output{width:300px;border-bottom:1px dotted #ccc;margin-bottom:5px;padding:6px;}
    h5{margin:0;}
    
    </style>
    <style type="text/css">
    #Calendar_Event {
    	position:absolute;
    	width:200px;
    	height:101px;
    	z-index:2;
    	left: 255px;
    	top: 233px;
    }
    #New_Event {
    	position:absolute;
    	width:138px;
    	height:28px;
    	z-index:3;
    	left: 620px;
    	top: 233px;
    	visibility:hidden;
    }
    #Cal_Events {
    	position:absolute;
    	width:200px;
    	height:115px;
    	z-index:7;
    	left: 619px;
    	top: 271px;
    }
    </style>
    
    </head>
    
    <body>
    <form>
    <div id="nav_vertical">
    <ul>
    <li id="current"><a href="Calendar_Event.php" title="CALENDAR EVENT" target="_self"><span>CALENDAR EVENT</span></a></li>
    <li><a href="roland_garros.php" title="RONALD GARROS" target="_self"><span>ROLAND GARROS</span></a></li>
    <li><a href="wimbledon.php" title="WIMBLEDON" target="_self"><span>WIMBLEDON</span></a></li>
    </ul>
    </div>
    <div id="ddcolortabs">
    <ul>
    <li> <a href="Products.php" title="Products" target="_self"><span>Products</span></a></li>
    <li id="current"><a href="Event.php" title="Events" target="_self"><span>Events</span></a></li>
    <li style="margin-left: 1px"><a href="Company.php" title="Company" target="_self"><span>Company</span></a></li>
    </ul>
    </div>
    <div id="ddcolortabsline"></div>
    <div id="dunlop_lazenger"><img src="layout_image/dunlop_slazenger.png" width="170" height="200" /></div>
    <div id="Layer1_background_green"><img src="layout_image/LINE.png" width="1020" height="417" /></div>
    <div id="green_frame"><img src="layout_image/vertical left v01.jpg" width="174" height="410" /></div>
    <div id="Layer4_horizontal_line"><img src="layout_image/horizontal_line.png" width="1020" height="5" /></div>
    </form>
    <?php
    //$todaysDate = date("n/j/Y");
    //echo $todaysDate;
    // Get values from query string
    $day = (isset($_GET["day"])) ? $_GET['day'] : "";
    $month = (isset($_GET["month"])) ? $_GET['month'] : "";
    $year = (isset($_GET["year"])) ? $_GET['year'] : "";
    //comparaters for today's date
    //$todaysDate = date("n/j/Y");
    //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
    //$what = (isset($_GET["what"])) ? $_GET['what'] : "";
    
    //$day = (!isset($day)) ? $day = date("j") : $day = "";
    if(empty($day)){ $day = date("j"); }
    
    if(empty($month)){ $month = date("n"); }
    
    if(empty($year)){ $year = date("Y"); } 
    //set up vars for calendar etc
    $currentTimeStamp = strtotime("$year-$month-$day");
    $monthName = date("F", $currentTimeStamp);
    $numDays = date("t", $currentTimeStamp);
    $counter = 0;
    //$numEventsThisMonth = 0;
    //$hasEvent = false;
    //$todaysEvents = ""; 
    //run a selec statement to hi-light the days
    function hiLightEvt($eMonth,$eDay,$eYear){
    //$tDayName = date("l");
    $todaysDate = date("n/j/Y");
    $dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    if($todaysDate == $dateToCompare){
    //$aClass = '<span>' . $tDayName . '</span>';
    $aClass='class="today"';
    }else{
    //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    //echo $todaysDate;
    //return;
    $sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'";
    //echo $sql;
    //return;
    $result = mysql_query($sql);
    while($row= mysql_fetch_array($result)){
    if($row['eCount'] >=1){
    $aClass = 'class="event"';
    }elseif($row['eCount'] ==0){
    $aClass ='class="normal"';
    }
    }
    }
    return $aClass;
    }
    ?>
    <div id="Calendar_Event">
    <table width="350" cellpadding="0" cellspacing="0">
    <tr>
    <td width="50" colspan="1">
    <input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);">
    </td>
    <td width="250" colspan="5">
    <span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br>
    </td>
    <td width="50" colspan="1" align="right">
    <input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);">
    </td>
    </tr> 
    <tr>
    <th>M</th>
    <th>T</th>
    <th>W</th>
    <th>T</th>
    <th>F</th>
    <th>S</th>
    <th>S</th>
    </tr>
    <tr>
    <?php
    for($i = 1; $i < $numDays+1; $i++, $counter++){
    $dateToCompare = $month . '/' . $i . '/' . $year;
    $timeStamp = strtotime("$year-$month-$i");
    //echo $timeStamp . '<br/>';
    if($i == 1){
    // Workout when the first day of the month is
    $firstDay = date("N", $timeStamp);
    for($j = 1; $j < $firstDay; $j++, $counter++){
    echo "<td>&nbsp;</td>";
    } 
    }
    if($counter % 7 == 0 ){
    ?>
    </tr><tr>
    <?php
    }
    ?>
    <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> 
    <?php
    }
    ?>
    </table>
    </div>
    <div id="New_Event">
    <?php
    $sql="Select Username, Department from tbllogin where Username =='jhoe.buergo@dunlop.ph' && Department=='HRAD'";
    mysql_query($sql);
    $username = $_POST['Username'];
    $department = $_POST['Department'];
    if($username=='jhoe.buergo@dunlop.ph' && $department=='HRAD') : ?>
    echo '<a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">New Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true" >t</a>';
    <?php endif;?>
    <?php
    if(isset($_GET['v'])){
    if(isset($_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'";
    //echo $sql;
    //return;
    $result = mysql_query($sql);
    $numRows = mysql_num_rows($result);
    ?>
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">New Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true"  >t</a><br/>
    </div>
    <div id="Cal_Events">
    <?php
    if(isset($_GET['f'])){
    include 'calForm.php';
    }
    if($numRows == 0 ){
    echo '<h3>No Events</h3>';
    }else{
    //echo '<ul>';
    echo '<h3>Events Listed</h3>';
    while($row = mysql_fetch_array($result)){
    ?>
    
    <h5><?=$row['calName'];?></h5>
    <?=$row['calDesc'];?><br/>
    <?php
    }
    }
    }
    ?>
    </div>
    </body>
    </html>
    
    rhodarose, Sep 5, 2010
  2. themullet

    #2
    I would say have a look at your code; there are some pretty big problems around that will stop it working, i.e. problems with closures:
    if($username=='jhoe.buergo@dunlop.ph' && $department=='HRAD') : ?>
    echo '<a href="<?=$_SERVER['PHP_SELF'];?>
    Probably should be more like:
    
    if($username=='jhoe.buergo@dunlop.ph' && $department=='HRAD') 
    echo '<a href="<?=$_SERVER['PHP_SELF'];?>
    
    themullet, Sep 6, 2010
  3. rhodarose

    #3
    Good day

    Thank you for the code that you suggested, but I encountered a parse error in
    echo '<a href="<?=$_SERVER['PHP_SELF'];?>

    and I tried this code:
    
    <?php
    if(isset($_GET['v'])){
    if(isset($_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'";
    //echo $sql;
    //return;
    $result = mysql_query($sql);
    $numRows = mysql_num_rows($result);
    
    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='rhoda.barrera@dunlop.ph' AND Department='MIS'");
    $username=$_POST['Username'];
    $department=$_POST['Department'];
    if ($username=='rhoda.barrera@dunlop.ph' && $department=='MIS'){ ?>
    
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">New Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a>
    <?php
    }else{
    echo 'You cannot Add New Event';
    }?>
    
    And when I choose a date, the echo "You cannot Add new event" appears instead of the add event link.

    rhodarose, Sep 6, 2010
  4. rhodarose

    #4
    I have new code, and the output of this is that the add event link appears for every user who logs in:

    
    <?php
    $host = "localhost";
    
    	$username = "";
    
    	$password = "";
    
    	$dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database');
    
    	$dbName = 'dspi';
    
    	mysql_select_db($dbName);	
    ?>
    <html>
    <body>
    <script>
    function goLastMonth(month, year){
    // If the month is January, decrement the year
    if(month == 1){
    --year;
    month = 13;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;
    }
    //next function
    function goNextMonth(month, year){
    // If the month is December, increment the year
    if(month == 12){
    ++year;
    month = 0;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;
    } 
    
    function remChars(txtControl, txtCount, intMaxLength)
    {
    if(txtControl.value.length > intMaxLength)
    txtControl.value = txtControl.value.substring(0, (intMaxLength-1));
    else
    txtCount.value = intMaxLength - txtControl.value.length;
    }
    
    function checkFilled() {
    var filled = 0
    var x = document.form1.calName.value;
    //x = x.replace(/^\s+/,""); // strip leading spaces
    if (x.length > 0) {filled ++}
    
    var y = document.form1.calDesc.value;
    //y = y.replace(/^s+/,""); // strip leading spaces
    if (y.length > 0) {filled ++}
    
    if (filled == 2) {
    document.getElementById("Submit").disabled = false;
    }
    else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased
    
    }
    
    </script>
    <?php
    //$todaysDate = date("n/j/Y");
    //echo $todaysDate;
    // Get values from query string
    $day = (isset($_GET["day"])) ? $_GET['day'] : "";
    $month = (isset($_GET["month"])) ? $_GET['month'] : "";
    $year = (isset($_GET["year"])) ? $_GET['year'] : "";
    //comparaters for today's date
    //$todaysDate = date("n/j/Y");
    //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
    //$what = (isset($_GET["what"])) ? $_GET['what'] : "";
    
    //$day = (!isset($day)) ? $day = date("j") : $day = "";
    if(empty($day)){ $day = date("j"); }
    
    if(empty($month)){ $month = date("n"); }
    
    if(empty($year)){ $year = date("Y"); } 
    //set up vars for calendar etc
    $currentTimeStamp = strtotime("$year-$month-$day");
    $monthName = date("F", $currentTimeStamp);
    $numDays = date("t", $currentTimeStamp);
    $counter = 0;
    //$numEventsThisMonth = 0;
    //$hasEvent = false;
    //$todaysEvents = ""; 
    //run a selec statement to hi-light the days
    function hiLightEvt($eMonth,$eDay,$eYear){
    //$tDayName = date("l");
    $todaysDate = date("n/j/Y");
    $dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    if($todaysDate == $dateToCompare){
    //$aClass = '<span>' . $tDayName . '</span>';
    $aClass='class="today"';
    }else{
    //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    //echo $todaysDate;
    //return;
    $sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'";
    //echo $sql;
    //return;
    $result = mysql_query($sql);
    while($row= mysql_fetch_array($result)){
    if($row['eCount'] >=1){
    $aClass = 'class="event"';
    }elseif($row['eCount'] ==0){
    $aClass ='class="normal"';
    }
    }
    }
    return $aClass;
    }
    ?>
    <div id="Calendar_Event">
    <table width="350" cellpadding="0" cellspacing="0">
    <tr>
    <td width="50" colspan="1">
    <input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);">
    </td>
    <td width="250" colspan="5">
    <span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br>
    </td>
    <td width="50" colspan="1" align="right">
    <input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);">
    </td>
    </tr> 
    <tr>
    <th>M</th>
    <th>T</th>
    <th>W</th>
    <th>T</th>
    <th>F</th>
    <th>S</th>
    <th>S</th>
    </tr>
    <tr>
    <?php
    for($i = 1; $i < $numDays+1; $i++, $counter++){
    $dateToCompare = $month . '/' . $i . '/' . $year;
    $timeStamp = strtotime("$year-$month-$i");
    //echo $timeStamp . '<br/>';
    if($i == 1){
    // Workout when the first day of the month is
    $firstDay = date("N", $timeStamp);
    for($j = 1; $j < $firstDay; $j++, $counter++){
    echo "<td>&nbsp;</td>";
    } 
    }
    if($counter % 7 == 0 ){
    ?>
    </tr><tr>
    <?php
    }
    ?>
    <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> 
    <?php
    }
    ?>
    </table>
    </div>
    <div id="New_Event">
    <?php
    if(isset($_GET['v'])){
    if(isset($_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'";
    //echo $sql;
    //return;
    $result = mysql_query($sql);
    $numRows = mysql_num_rows($result);
    
    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='rhoda.barrera@dunlop.ph' AND Department='MIS'");
    if (mysql_num_rows($check)>0){ 
    ?>
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a><?php
    }else{
    echo 'You cannot Add New Event';
    }?>
    </div>
    <div id="Cal_Event">
    <?php
    if(isset($_GET['f'])){
    include 'calform.php';
    }
    if($numRows == 0 ){
    echo '';
    }else{
    //echo '<ul>';
    echo '<h3>Event Listed</h3>';
    while($row = mysql_fetch_array($result)){
    ?>
    
    <h5><?=$row['calName'];?></h5>
    <?=$row['calDesc'];?><br/>
    Listed On: <?=$row['calStamp'];?>
    <?php
    }
    }
    }
    ?>
    </div>
    </body>
    </html>
    
    rhodarose, Sep 19, 2010
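
The restriction asked for in this thread, as an added example that is not part of any post: the login step stores the verified Username and Department in the session, and both the link and the insert are gated on that stored identity. Assumptions: the function names are hypothetical, `editor@example.test` is a placeholder account, the `$session` array stands in for `$_SESSION`, and in-memory SQLite stands in for the MySQL database.

```php
<?php
// Added example, not code from the thread. Table and column names follow the
// posts; function names, the editor account and sample rows are assumptions.
const EVENT_EDITOR = ['Username' => 'editor@example.test', 'Department' => 'HRAD'];

// Login step: verify the submitted pair once, then remember it in the session.
function loginUser(PDO $db, array &$session, string $user, string $dept): bool
{
    $st = $db->prepare('SELECT 1 FROM tbllogin WHERE Username = ? AND Department = ?');
    $st->execute([$user, $dept]);
    if ($st->fetchColumn() === false) {
        return false;
    }
    $session['Username'] = $user;
    $session['Department'] = $dept;
    return true;
}

// Authorization: compare the logged-in identity, not $_POST (empty on a plain
// calendar page view) and not "does the editor row exist" (true for everyone).
function canAddEvents(array $session): bool
{
    return ($session['Username'] ?? null) === EVENT_EDITOR['Username']
        && ($session['Department'] ?? null) === EVENT_EDITOR['Department'];
}

// The insert repeats the check, because a hidden link does not stop a direct
// request to ?v=1&f=true; bound parameters keep quotes in the input inert.
function addEvent(PDO $db, array $session, string $name, string $desc, string $date): bool
{
    if (!canAddEvents($session)) {
        return false;
    }
    $st = $db->prepare('INSERT INTO caltbl (calName, calDesc, calDate) VALUES (?, ?, ?)');
    return $st->execute([$name, $desc, $date]);
}

// Constructed demo data; in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbllogin (Username TEXT, Department TEXT)');
$db->exec('CREATE TABLE caltbl (calName TEXT, calDesc TEXT, calDate TEXT)');
$db->exec("INSERT INTO tbllogin VALUES ('editor@example.test', 'HRAD')");
$db->exec("INSERT INTO tbllogin VALUES ('staff@example.test', 'MIS')");

foreach (['editor@example.test' => 'HRAD', 'staff@example.test' => 'MIS'] as $user => $dept) {
    $session = [];  // stands in for $_SESSION after session_start()
    loginUser($db, $session, $user, $dept);
    $link = canAddEvents($session) ? 'shown' : 'hidden';
    $saved = addEvent($db, $session, "Staff's meeting", 'Room 2', '9/5/2010');
    echo "$user: link $link, insert ", $saved ? 'accepted' : 'refused', "\n";
}
echo 'rows in caltbl: ', $db->query('SELECT COUNT(*) FROM caltbl')->fetchColumn(), "\n";
```

On the calendar page itself, pass `$_SESSION` to these functions and escape `calName` and `calDesc` with `htmlspecialchars()` when listing events.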