ted hart
|
| Posted: 09/08/2003, 10:15 AM |
|
Knowing that we have one table for security & 3 tables for jobs, employment
ads, and one for freelancers.
People have to register (security table) to be able to fill a profile/ad
(jobs - opportunities & freelancers) UserId is related to security table
(right?) so how can I get a user that registered as a freelancer update his
profile ONLY (and not other users profiles) in freelancers table (security
and group levels allows them to update/edit any record in table).
UserId is the autoincrement field in table "members" which is the security
table. WHERE condition is where id = id or userid = id.
In other tables (Jobseekers, Job Ads, or freelancers ) id (autoincrement is
generated when registered in members (security) table) I thought maybe I
have to pass the value from UserId (members table) to another field in
information table (jobseekers for example) to allow update of the record the
registered user created only.
Thanks for your help
|
|
|
 |
michael weaver
|
| Posted: 09/11/2003, 7:27 AM |
|
Hi Ted,
Sorry no one responded sooner. You may be over-thinking the problem, but
then again I might be under-thinking it 
First, I think your db structure is basically right. There just needs to be
some way of connecting the freelancers table to the members table. That can
be done by adding a UserID field to the freelancers table, or by creating
another table with a field for UserID and a field for freelancerID. The
first way is easier and better for smaller jobs IMO, the second method is
best if you are expecting a ton of data and traffic and plan to expand your
application extensively.
The easiest way for you to restrict access for members is to restrict access
to the freelancers table by session, not parameter. In your Data Source add
a WHERE clause that is of type session. So:
SELECT * from FREELANCE WHERE UserID={UserID}
or something like that. With a session someone can't go in and change the
URL to get at the other records. I guess you could also do it with a
parameter, but you want to make sure that it compares the user's UserID to
ther record's UserID, and allows nothing else.
Then, to automatically put the member's UserID in the freelancers table, add
a new column to the Freelancers table, and then add some custom code like
this (PHP):
Before Insert/Update:
global $your_freelancer_formName;
global $DByour_connectionName;
$user = CCGetSession(UserID);
$your_freelancer_formName->your_freelancer_UserID_columnName->SetValue($user
);
I hope this helps. Heck, I hope it's right! Write back if you have any other
questions, or if this doesn't work
michael
"ted hart" <ted@hart.com> wrote in message
news:bjidf7$ggm$1@news.codecharge.com...
> Knowing that we have one table for security & 3 tables for jobs,
employment
> ads, and one for freelancers.
>
> People have to register (security table) to be able to fill a profile/ad
> (jobs - opportunities & freelancers) UserId is related to security table
> (right?) so how can I get a user that registered as a freelancer update
his
> profile ONLY (and not other users profiles) in freelancers table (security
> and group levels allows them to update/edit any record in table).
>
> UserId is the autoincrement field in table "members" which is the security
> table. WHERE condition is where id = id or userid = id.
>
> In other tables (Jobseekers, Job Ads, or freelancers ) id (autoincrement
is
> generated when registered in members (security) table) I thought maybe I
> have to pass the value from UserId (members table) to another field in
> information table (jobseekers for example) to allow update of the record
the
> registered user created only.
>
> Thanks for your help
>
>
>
|
|
|
|
ted hart
|
| Posted: 09/11/2003, 10:38 PM |
|
Michael
Thanks will try it... it is in line with I had thought...
I will let the board know
Cheers
"ted hart" <ted@hart.com> wrote in message
news:bjidf7$ggm$1@news.codecharge.com...
> Knowing that we have one table for security & 3 tables for jobs,
employment
> ads, and one for freelancers.
>
> People have to register (security table) to be able to fill a profile/ad
> (jobs - opportunities & freelancers) UserId is related to security table
> (right?) so how can I get a user that registered as a freelancer update
his
> profile ONLY (and not other users profiles) in freelancers table (security
> and group levels allows them to update/edit any record in table).
>
> UserId is the autoincrement field in table "members" which is the security
> table. WHERE condition is where id = id or userid = id.
>
> In other tables (Jobseekers, Job Ads, or freelancers ) id (autoincrement
is
> generated when registered in members (security) table) I thought maybe I
> have to pass the value from UserId (members table) to another field in
> information table (jobseekers for example) to allow update of the record
the
> registered user created only.
>
> Thanks for your help
>
>
>
|
|
|
|
|
