I have a "transactions" table which has a number of transaction details (e.g. date, transaction_type, transaction_description, value and username)
and I allow a "manager" who logs in with the UserID which is the same as the "username" field in the "transactions" table
In order for each "manager" only to see the transactions that they have captured (which is required), I have added the following code in the "Events" of the "transactions" table
on List Page: Before SQl Query:
if ($_SESSION["category"]=="manager")
{
$strWhereClause = "(username like '%$_SESSION[UserID]%')";
}
While this works perfectly when listing the transactions (transactions_list.php); it has a major problem in that with a "Delete" "with selected" it then deletes ALL records for the logged in UserID!
Obviously my event code shown above is being applied to all operations on the list page, including the delete.
I would really appreciate some help in correcting this.