[SOLVED]

 Dynamic Query depending on User GroupID

11/27/2013 1:34:19 AM
PHPRunner General questions
DUKE author

Hi Everyone,
I am trying to do a dynamic query on my list pages depending on the user group:
If the logged in user is a member of the 'editors' group (Group ID 3), he must see only his own records.
This is the code in "After table initialized":

//Do a query to store the group ID in a custom variable
$rstmp = CustomQuery("select GroupID from security_ugmembers where UserName='".$_SESSION["UserID"]."'");
$datatmp = db_fetch_array($rstmp);
$_SESSION["CustomGroupID"] = $datatmp["GroupID"];

//Test if the logged in user is in Group 3, if he is, show him only his own records.
if ($_SESSION["CustomGroupID"]=3)$query->addWhere("userid='".$_SESSION["UserName"]."'");
My problem is: If an admin user logs in (Group id -1 or 1) he sees no records. I have checked the permissions and the admins should be able to view all records.

cgphp 11/27/2013

For comparison test use == not =

if ($_SESSION["CustomGroupID"] == 3)
{
    $query->addWhere("userid='".$_SESSION["UserID"]."'");
}
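
Added example, not part of the thread and not PHPRunner's own code: a standalone PHP sketch of the per-group row filter discussed above, showing why the `=` condition applied the filter to every user and how a strict comparison with a quoted value behaves. `ownerFilter()` and `quoteSqlString()` are hypothetical helpers, the sessions are constructed, and treating an unknown group as restricted is an assumption.

```php
<?php
// Added example; ownerFilter() and quoteSqlString() are hypothetical helpers.
const EDITORS_GROUP_ID = 3; // "editors" group id from the thread

// Minimal ANSI-style quoting for the demo (assumption); in a real project
// use the escaping or parameter binding provided by your database layer.
function quoteSqlString(string $value): string
{
    return "'" . str_replace("'", "''", $value) . "'";
}

// Returns a WHERE fragment limiting rows to the logged-in user, or null
// when the user's group may see every record.
function ownerFilter(array $session): ?string
{
    $groupId = $session["CustomGroupID"] ?? null;
    // Fail closed (assumption): an unknown group is treated like editors.
    $restricted = !is_numeric($groupId) || (int)$groupId === EDITORS_GROUP_ID;
    if (!$restricted) {
        return null;
    }
    return "userid=" . quoteSqlString((string)($session["UserID"] ?? ""));
}

// Constructed sessions: an admin, an editor, and a failed group lookup.
$sessions = [
    ["UserID" => "admin",   "CustomGroupID" => "-1"],
    ["UserID" => "o'brien", "CustomGroupID" => "3"],
    ["UserID" => "guest",   "CustomGroupID" => null],
];

foreach ($sessions as $s) {
    $where = ownerFilter($s);
    echo $s["UserID"], ": ", $where ?? "(no extra filter)", PHP_EOL;
}

// Why the original condition filtered admins too: "=" assigns.
$admin = ["CustomGroupID" => "-1"];
if ($admin["CustomGroupID"] = 3) {       // assignment, evaluates to 3 (truthy)
    echo "branch taken, group is now ", $admin["CustomGroupID"], PHP_EOL;
}
```

In the event from the thread, the returned fragment would be passed to `$query->addWhere()` only when it is not null.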
DUKE author 11/27/2013

Hi Christian,
This works perfectly thanks! I have one question though:
Where is the best place to do this type of filtering?
[list page before SQL query] using $strWhereClause
or
[after table initialised] using $query->addWhere
The reason why I am asking is because we expect the database to grow quite large. Do both these methods have the same performance, or is one method better than the other? Do they do exactly the same thing or is one better than the other?





Admin 11/28/2013

It doesn't really matter where you add it, works the same way.