Hi. I am quite new to this so please forgive any obvious errors
I have been working through the php/MySql tut OK, until I branch out on my own.
I have set up a log in page which allows users in --- but if I log in as a superuser all works fine - but if I log in as a user who has SELECT, INSERT, and UPDATE rights, my script falls over when it tries to select the list of authors for the drop down list, and the categories to appear in the checkboxes.
I know my user and password variables are correct as I echo them - and if I try to edit on another page - I am denied
So........ Many Thanks - Love the forum
Here is the code for the page
<?php
session_start();
?>
<HTML>
<HEAD>
<TITLE> Add New Joke </TITLE>
</HEAD>
<BODY>
<?php

if ($submit): // A new joke has been entered
// using the form.

if ($aid == "") {
echo("<P>You must choose an author " .
"for this joke. Click 'Back' " .
"and try again.</P>");
exit();
}

$dbcnx = @mysql_connect("localhost", $user, $pass);
@mysql_select_db("Jokes");
if (!$dbcnx) {
echo("<P>" . $user . ",I told you that you CAN'T edit, only LOOK</P>");
exit();
}
$sql = "INSERT INTO Jokes SET " .
"JokeText='$joketext', " .
"AID='$aid'";
if (mysql_query($sql)) {
echo("<P>New joke added</P>");
} else {
echo("<P>Error adding new joke: " .
mysql_error() . "</P>");
}

$jid = mysql_insert_id();

$cats = mysql_query("SELECT ID, Category FROM Categories");
// Line 40
while ($cat = mysql_fetch_array($cats)) {
$cid = $cat["ID"];
$cname = $cat["Category"];
$var = "cat$cid"; // The name of the variable
if ($$var) { // The checkbox is checked
$sql = "INSERT IGNORE INTO JokeLookup " .
"SET JID=$jid, CID=$cid";
$ok = mysql_query($sql);
if ($ok) {
echo("<P>Joke added to category: $cname</P>");
} else {
echo("<P>Error inserting joke into category $cname:" .
mysql_error() . "</P>");
}
} // end of if ($$var)
} // end of while loop
?>

<P><A HREF="<?php echo($PHP_SELF); ?>">Add another Joke</A></P>
<P><A HREF="jokes.php">Return to Joke Search</A></P>

<?php
else: // Allow the user to enter a new category
// Line 64
$dbcnx = mysql_connect("localhost", $user, $pass);
mysql_select_db("jokes");

$authors = mysql_query("SELECT ID, Name FROM Authors");
$cats = mysql_query("SELECT ID, Category FROM Categories");
?>

<FORM ACTION="<?php echo($PHP_SELF); ?>" METHOD=POST>
<P>Enter the new jokeBR>
<TEXTAREA NAME="joketext" ROWS=15 COLS=45 WRAP>
</TEXTAREA>
<P>Author:
<?php
// This echos fine ---- echo($user . " " . $pass);
?>
<SELECT NAME="aid" SIZE=1>
<OPTION SELECTED VALUE="">Select One
<OPTION VALUE="">
<?php
// *************** This is where it falls over
while ($author = mysql_fetch_array($authors)) {
$aid = $author["ID"];
$aname = $author["Name"];
echo("<OPTION VALUE='$aid'>$aname\n");
}
?>
</SELECT></P>
<P>Place in categoriesBR>
<?php
// This echoes fine ----- echo($user . " " . $pass);
// **************** This falls over
while ($cat = mysql_fetch_array($cats)) {
$cid = $cat["ID"];
$cname = $cat["Category"];
echo("<INPUT TYPE=CHECKBOX NAME='cat$cid'>$cname<BR>\n");
}
?>
</P>
<P><INPUT TYPE=SUBMIT NAME="submit" VALUE="SUBMIT"></P>
</FORM>
<?php endif; ?>
</BODY>
</HTML>