SitePoint Sponsor

User Tag List

Results 1 to 23 of 23
  1. #1
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Restriction in Adding Events in Calendar

    i want to share my problem in my website

    For the better understandng of my website, I want to tell all the details.

    1. I have a database and i has a 2 tables 1 for the tbllogin which consist of Username and Department, and the second table is caltbl which i use for the calendar events.

    2.When my website run the first webpage is the login form. If the Username and Department is correct she can browse the other webpages, like the calendar event.


    3. In the calendar event you can see the calendar and when you click the date theirs a link "new event" appear and if theirs no existing event theres a text saying "No Events", when you click the link you can add events. I want that theirs a specific person that can only add events for the restriction of adding events. I want to happen that if the user is xxx and her department is yyy the link shoud appear and she can add events. i want that only to her the link should be appear..

    here is the code:
    PHP Code:
    <?php
    $host 
    "localhost";

        
    $username "";

        
    $password "";

        
    $dbCnx = @mysql_connect($host$username$password) or die('Could not Connect to the database');

        
    $dbName 'dspi';

        
    mysql_select_db($dbName);    
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>DSPI CALENDAR EVENTS</title>
    <script>
    function goLastMonth(month, year){
    // If the month is January, decrement the year
    if(month == 1){
    --year;
    month = 13;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;
    }
    //next function
    function goNextMonth(month, year){
    // If the month is December, increment the year
    if(month == 12){
    ++year;
    month = 0;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;


    function remChars(txtControl, txtCount, intMaxLength)
    {
    if(txtControl.value.length > intMaxLength)
    txtControl.value = txtControl.value.substring(0, (intMaxLength-1));
    else
    txtCount.value = intMaxLength - txtControl.value.length;
    }

    function checkFilled() {
    var filled = 0
    var x = document.form1.calName.value;
    //x = x.replace(/^\s+/,""); // strip leading spaces
    if (x.length > 0) {filled ++}

    var y = document.form1.calDesc.value;
    //y = y.replace(/^s+/,""); // strip leading spaces
    if (y.length > 0) {filled ++}

    if (filled == 2) {
    document.getElementById("Submit").disabled = false;
    }
    else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased

    }

    </script>
    <style>
    body{
    background-image: url(layout_image/bgroundv09.png);
    background-attachment: fixed; 
    font-family:Georgia, "Times New Roman", Times, serif;
    font-size:16px;
    }
    .today{
    /*background-color:#00CCCC;*/
    font-weight:bold;
    font-style:italic;
    border-bottom-style:dashed;
    background-image:url(calBg.jpg);
    background-repeat:no-repeat;
    background-position:center;
    position:relative;
    color:#FFFF00;
    }
    .today span{
    position:absolute;
    left:0;
    top:0; 
    }

    .today a{
    color:#FFFF00;
    padding-top:10px;
    }
    .selected {
    color: #FFFFFF;
    background-color: #C00000;
    }
    .event {
    /*background-color: #C6D1DC;*/
    /*border:1px solid #ffffff;*/
    background-image:url(layout_image/boxv01.png);
    border: 1px ;
    /*border-bottom-style:dashed;*/
    /*border color #427e1a;*/

    .normal {


    table{
    border:1px solid #cccccc;
    padding:3px;
    }
    th{
    width:36px;
    background-color:#bcdd24;
    text-align:center;
    color:#ffffff;
    border-left:1px solid #ffffff;
    }
    td{
    text-align:center;
    padding:8px;
    margin:0;
    }
    table.tableClass{
    width:350px;
    border:none;
    border-collapse: collapse;
    font-size:85%;
    border:1px dotted #cccccc;
    }
    table.tableClass input,textarea{
    font-size:90%;
    }
    #form1{
    margin:5px 0 0 0;
    }
    #greyBox{
    height:10px;
    width:10px;
    background-color:#C6D1DC;
    border:1px solid #666666;
    margin:5px;
    }
    #hr{border-bottom:1px solid #cccccc;width:300px;}
    .output{width:300px;border-bottom:1px dotted #ccc;margin-bottom:5px;padding:6px;}
    h5{margin:0;}

    </style>
    <style type="text/css">
    #Calendar_Event {
        position:absolute;
        width:200px;
        height:94px;
        z-index:2;
        left: 255px;
        top: 233px;
    }
    #New_Event {
        position:absolute;
        width:126px;
        height:21px;
        z-index:3;
        left: 612px;
        top: 232px;
    }
    </style>

    <style type="text/css">

    #ddcolortabs{
    margin-left: 2px;
    padding: 0;
    width: 100%;
    background: transparent;
    voice-family: "\"}\"";
    voice-family: inherit;
    padding-left: 2px;
    }

    #ddcolortabs ul{
    font: bold 12px Arial, Verdana, sans-serif;
    margin:0;
    padding:0;
    list-style:none;
    }

    #ddcolortabs li{
    display:inline;
    margin:0 2px 0 0;
    padding:0;
    text-transform:uppercase;
    }


    #ddcolortabs a{
    float:right;
    color: white;
    background: #8cb85c url(layout_image/color_tabs_left.gif) no-repeat left top;
    margin:115px 2px 0 0;
    padding:0px 0 1px 3px;
    text-decoration:none;
    letter-spacing: 1px;
    }

    #ddcolortabs a span{
    float:right;
    display:block;
    /*background: transparent url(layout_image/color_tabs_right.gif) no-repeat right top;*/
    padding:6px 9px 2px 6px;
    }

    #ddcolortabs a span{
    float:none;
    }


    #ddcolortabs a:hover{
    background-color: #678b3f;
    }

    #ddcolortabs a:hover span{
    background-color: #678b3f ;
    }

    #ddcolortabs #current a, #ddcolortabs #current span{ /*currently selected tab*/
    background-color: #678b3f;
    }
    </style>

    <style type="text/css">
    #Layer4_horizontal_line {
        position:absolute;
        width:980px;
        height:5px;
        z-index:3;
        left: 0px;
        top: 150px;
    }
    #green_frame {
        position:absolute;
        width:172px;
        height:384px;
        z-index:4;
        left: 0px;
        top: 156px;
    }
    #Layer1_background_green {
        position:absolute;
        width:980px;
        height:392px;
        z-index:1;
        top: 149px;
        left: 0px;
    }

    #nav_vertical {
        position:absolute;
        width:182px;
        height:113px;
        z-index:5;
        left: 1px;
        top: 361px;
    }
    #nav_vertical ul{
    font: bold 12px Arial, Verdana, sans-serif;
    margin:0;
    padding:0;
    list-style:none;
    }

    #nav_vertical li{
    display:inline;
    margin:0 0 0 0;
    padding:0;
    text-transform:uppercase;
    }


    #nav_vertical a{
    float:left;
    color: green;
    /*background: #8cb85c url(layout_image/color_tabs_left.gif) no-repeat left top;*/
    margin:0 2px 0 0;
    padding:0 0 1px 3px;
    text-decoration:none;
    letter-spacing: 1px;
    }

    #nav_vertical a span{
    float:left;
    display:block;
    /*background: transparent url(layout_image/color_tabs_right.gif) no-repeat right top;*/
    padding:9px 9px 2px 6px;
    }


    #nav_vertical a:hover{
    color:#00CC00;
    }

    #nav_vertical a:hover span{
    color: #00CC00 ;
    }

    #nav_vertical #current a, #nav_vertical #current span{ /*currently selected tab*/
    /*background-color: #678b3f; */
    color:#FFFFFF
    }
    #dunlop_lazenger {
        position:absolute;
        width:73px;
        height:72px;
        z-index:6;
        left: 0px;
        top: 160px;
    }
    a:link {
        color: #FFFFFF;
        text-decoration: none;
    }
    a:visited {
        text-decoration: none;
    }
    a:hover {
        text-decoration: none;
    }
    a:active {
        text-decoration: none;
    }
    #Cal_Event {
        position:absolute;
        width:166px;
        height:74px;
        z-index:7;
        left: 611px;
        top: 254px;
    }
    </style>
    </head>

    <body>
    <form>
    <div id="nav_vertical">
    <ul>
    <li id="current"><a href="Calendar_Event.php" title="CALENDAR EVENT" target="_self"><span>CALENDAR EVENT</span></a></li>
    <li><a href="roland_garros.php" title="RONALD GARROS" target="_self"><span>ROLAND GARROS</span></a></li>
    <li><a href="wimbledon.php" title="WIMBLEDON" target="_self"><span>WIMBLEDON</span></a></li>
    </ul>
    </div>
    <div id="ddcolortabs">
    <ul>
    <li> <a href="Products.php" title="Products" target="_self"><span>Products</span></a></li>
    <li id="current"><a href="Event.php" title="Events" target="_self"><span>Events</span></a></li>
    <li style="margin-left: 1px"><a href="Company.php" title="Company" target="_self"><span>Company</span></a></li>
    </ul>
    </div>
    <div id="ddcolortabsline"></div>
    <div id="dunlop_lazenger"><img src="layout_image/dunlop_slazenger.png" width="170" height="200" /></div>
    <div id="Layer1_background_green"><img src="layout_image/LINE.png" width="1020" height="417" /></div>
    <div id="green_frame"><img src="layout_image/vertical left v01.jpg" width="174" height="410" /></div>
    <div id="Layer4_horizontal_line"><img src="layout_image/horizontal_line.png" width="1020" height="5" /></div>
    </form>
    <?php
    //$todaysDate = date("n/j/Y");
    //echo $todaysDate;
    // Get values from query string
    $day = (isset($_GET["day"])) ? $_GET['day'] : "";
    $month = (isset($_GET["month"])) ? $_GET['month'] : "";
    $year = (isset($_GET["year"])) ? $_GET['year'] : "";
    //comparaters for today's date
    //$todaysDate = date("n/j/Y");
    //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
    //$what = (isset($_GET["what"])) ? $_GET['what'] : "";

    //$day = (!isset($day)) ? $day = date("j") : $day = "";
    if(empty($day)){ $day date("j"); }

    if(empty(
    $month)){ $month date("n"); }

    if(empty(
    $year)){ $year date("Y"); } 
    //set up vars for calendar etc
    $currentTimeStamp strtotime("$year-$month-$day");
    $monthName date("F"$currentTimeStamp);
    $numDays date("t"$currentTimeStamp);
    $counter 0;
    //$numEventsThisMonth = 0;
    //$hasEvent = false;
    //$todaysEvents = ""; 
    //run a selec statement to hi-light the days
    function hiLightEvt($eMonth,$eDay,$eYear){
    //$tDayName = date("l");
    $todaysDate date("n/j/Y");
    $dateToCompare $eMonth '/' $eDay '/' $eYear;
    if(
    $todaysDate == $dateToCompare){
    //$aClass = '<span>' . $tDayName . '</span>';
    $aClass='class="today"';
    }else{
    //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    //echo $todaysDate;
    //return;
    $sql="select count(calDate) as eCount from calTbl where calDate = '" $eMonth '/' $eDay '/' $eYear "'";
    //echo $sql;
    //return;
    $result mysql_query($sql);
    while(
    $rowmysql_fetch_array($result)){
    if(
    $row['eCount'] >=1){
    $aClass 'class="event"';
    }elseif(
    $row['eCount'] ==0){
    $aClass ='class="normal"';
    }
    }
    }
    return 
    $aClass;
    }
    ?>
    <div id="Calendar_Event">
    <table width="350" cellpadding="0" cellspacing="0">
    <tr>
    <td width="50" colspan="1">
    <input type="button" value=" < " onClick="goLastMonth(<?php echo $month ", " $year?>);">
    </td>
    <td width="250" colspan="5">
    <span class="title" style="color:#FFFFFF"><?php echo $monthName " " $year?></span><br>
    </td>
    <td width="50" colspan="1" align="right">
    <input type="button" value=" > " onClick="goNextMonth(<?php echo $month ", " $year?>);">
    </td>
    </tr> 
    <tr>
    <th>M</td>
    <th>T</td>
    <th>W</td>
    <th>T</td>
    <th>F</td>
    <th>S</td>
    <th>S</td>
    </tr>
    <tr>
    <?php
    for($i 1$i $numDays+1$i++, $counter++){
    $dateToCompare $month '/' $i '/' $year;
    $timeStamp strtotime("$year-$month-$i");
    //echo $timeStamp . '<br/>';
    if($i == 1){
    // Workout when the first day of the month is
    $firstDay date("N"$timeStamp);
    for(
    $j 1$j $firstDay$j++, $counter++){
    echo 
    "<td>&nbsp;</td>";

    }
    if(
    $counter == ){
    ?>
    </tr><tr>
    <?php
    }
    ?>
    <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='$month '&day=' $i '&year=' $year;?>&v=1"><?=$i;?></a></td> 
    <?php
    }
    ?>
    </table>
    </div>
    <div id="New_Event">
    <?php
    if(isset($_GET['v'])){
    if(isset(
    $_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" $_POST['calName'] ."','" $_POST['calDesc'] . "','" $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" $month '/' $day '/' $year "'";
    //echo $sql;
    //return;
    $result mysql_query($sql);
    $numRows mysql_num_rows($result);

    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='xxx' AND Department='yyy'");
    if (
    mysql_num_rows($check)>0){ 
    ?>
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">New Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">t</a><?php
    }else{
    echo 
    'You cannot Add New Event';
    }
    ?>
    </div>
    <div id="Cal_Event">
    <?php
    if(isset($_GET['f'])){
    include 
    'calForm.php';
    }
    if(
    $numRows == ){
    echo 
    '';
    }else{
    //echo '<ul>';
    echo '<h3>Event Listed</h3>';
    while(
    $row mysql_fetch_array($result)){
    ?>

    <h5><?=$row['calName'];?></h5>
    <?=$row['calDesc'];?><br/>
    Listed On: <?=$row['calStamp'];?>
    <?php
    }
    }
    }
    ?>
    </div>
    </body>
    </html>
    When i run this code eventhough the user is not xxx and the department is not yyy sshe can also add event..so i think eventhough my program has no error but my condition was not work properly.

  2. #2
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    You aren't checking if the current user is xxx and the department yyy. You are checking if there is a user xxx with department yyy in your database, which of course is always true, otherwise noone could add events.

    Anyway, I don't think it's a good idea to hard-code the user and the department in your script. What if in the future user and/or department have to change? Why not add a column to your table with a value that indicates if that user can add events?

  3. #3
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    You aren't checking if the current user is xxx and the department yyy. You are checking if there is a user xxx with department yyy in your database, which of course is always true, otherwise noone could add events.

    Anyway, I don't think it's a good idea to hard-code the user and the department in your script. What if in the future user and/or department have to change? Why not add a column to your table with a value that indicates if that user can add events?
    I understand what you say but i have no idea on how to do it..

  4. #4
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    In the script you posted here, how do you know which user has logged in? Do you use session variables?

  5. #5
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    In the script you posted here, how do you know which user has logged in? Do you use session variables?
    I have no code for checking if the user is login..I only check if the user is equalt to user =xxx and department is =yyy then she can add event or else she cant add event.

  6. #6
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    How do you know which user is accessing the page?

  7. #7
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    How do you know which user is accessing the page?
    I don't know

  8. #8
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Let's go back to the login form then. When the form is submitted, what script is called?

  9. #9
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    Let's go back to the login form then. When the form is submitted, what script is called?

    When the form was submitted so the script that should be next is confirm that the user is login so that she could not login again if she accidentally press the back button

  10. #10
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    In that script I guess you check that the user/password is correct?
    When the user/password is correct, you should save the username and the department in session variables. Read more about the use of sessions here.

    Schematically, the script would be something like
    Code PHP:
    // first line: session_start
    session_start();
     
    // after session_start follows your script
    ...
    // at some point you query your DB to see if the user/password combo exists
    if (...) {
      // if it exists, the user is logged in succesfully
      // at that moment, you store the user and the department in session variables
      $_SESSION['user'] = $row['user'];
      $_SESSION['department'] = $row['department'];
      ...
    }
    ...
    In the calendar events code, you do session_start again at the top of the script, and then you can use the session variables to check if a user is logged in (if he's not, deny him access and send him back to the login page), and what the user name and his department is.

  11. #11
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    In that script I guess you check that the user/password is correct?
    When the user/password is correct, you should save the username and the department in session variables. Read more about the use of sessions here.

    Schematically, the script would be something like
    Code PHP:
    // first line: session_start
    session_start();
     
    // after session_start follows your script
    ...
    // at some point you query your DB to see if the user/password combo exists
    if (...) {
      // if it exists, the user is logged in succesfully
      // at that moment, you store the user and the department in session variables
      $_SESSION['user'] = $row['user'];
      $_SESSION['department'] = $row['department'];
      ...
    }
    ...
    In the calendar events code, you do session_start again at the top of the script, and then you can use the session variables to check if a user is logged in (if he's not, deny him access and send him back to the login page), and what the user name and his department is.
    Good day!

    this is my new code in my login, i add session

    PHP Code:
    <?php 
    session_start
    (); 
    session_regenerate_id(); 

    if(
    $_SESSION['loggedin']){ 
    //the user is already logged in, lets redirect them to the other page 
        
    header("Location:company.php"); 


    //require_once 'conn.php';   
    $db_name="dspi"

    mysql_connect("localhost""root""") or die("Cannot connect to server"); 
    mysql_select_db("$db_name")or die("Cannot select DB");    


            
    $department mysql_real_escape_string($_POST['department']);    
            
    $username mysql_real_escape_string($_POST['username']); 

            
    $sql=mysql_query("SELECT `Department`, `Username` FROM `tbllogin` WHERE `Department` = '{$department}' AND Username = '{$username}'") or die(mysql_error()); 
            
    $ct mysql_num_rows($sql); 
          
            if(
    $ct == 1) { 
    // im guessing this means that the user is valid. 
    $_SESSION['loggedin'] = true// now that the user is valid we change the session value. 
                
    $row mysql_fetch_assoc($sql);   
                
                
    $_SESSION['username'] = $row['Username'] ;
                
    $_SESSION['department'] = $row['Department'];
                
                
    $Departments=array('Accounting''Engineering''Finishing_Goods''HRAD''MIS''Packaging_and_Design''Production''Purchasing_Logistic''QA_and_Technical''Supply_Chain');
                
                if (
    in_array($row['Department'], $Departments)){
                        
    header ('Location:company.php');
                }else{
                        echo 
    "Incorrect Username or Department";
                        
    header ('Location:index.php');
                }
            }
    ?>
    and this is my code in calendar:

    PHP Code:
    <?php
    $host 
    "localhost";

        
    $username "";

        
    $password "";

        
    $dbCnx = @mysql_connect($host$username$password) or die('Could not Connect to the database');

        
    $dbName 'dspi';

        
    mysql_select_db($dbName);    
    ?>
    <html>
    <body>
    <script>
    function goLastMonth(month, year){
    // If the month is January, decrement the year
    if(month == 1){
    --year;
    month = 13;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;
    }
    //next function
    function goNextMonth(month, year){
    // If the month is December, increment the year
    if(month == 12){
    ++year;
    month = 0;
    }
    document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;


    function remChars(txtControl, txtCount, intMaxLength)
    {
    if(txtControl.value.length > intMaxLength)
    txtControl.value = txtControl.value.substring(0, (intMaxLength-1));
    else
    txtCount.value = intMaxLength - txtControl.value.length;
    }

    function checkFilled() {
    var filled = 0
    var x = document.form1.calName.value;
    //x = x.replace(/^\s+/,""); // strip leading spaces
    if (x.length > 0) {filled ++}

    var y = document.form1.calDesc.value;
    //y = y.replace(/^s+/,""); // strip leading spaces
    if (y.length > 0) {filled ++}

    if (filled == 2) {
    document.getElementById("Submit").disabled = false;
    }
    else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased

    }

    </script>
    <?php
    //$todaysDate = date("n/j/Y");
    //echo $todaysDate;
    // Get values from query string
    $day = (isset($_GET["day"])) ? $_GET['day'] : "";
    $month = (isset($_GET["month"])) ? $_GET['month'] : "";
    $year = (isset($_GET["year"])) ? $_GET['year'] : "";
    //comparaters for today's date
    //$todaysDate = date("n/j/Y");
    //$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
    //$what = (isset($_GET["what"])) ? $_GET['what'] : "";

    //$day = (!isset($day)) ? $day = date("j") : $day = "";
    if(empty($day)){ $day date("j"); }

    if(empty(
    $month)){ $month date("n"); }

    if(empty(
    $year)){ $year date("Y"); } 
    //set up vars for calendar etc
    $currentTimeStamp strtotime("$year-$month-$day");
    $monthName date("F"$currentTimeStamp);
    $numDays date("t"$currentTimeStamp);
    $counter 0;
    //$numEventsThisMonth = 0;
    //$hasEvent = false;
    //$todaysEvents = ""; 
    //run a selec statement to hi-light the days
    function hiLightEvt($eMonth,$eDay,$eYear){
    //$tDayName = date("l");
    $todaysDate date("n/j/Y");
    $dateToCompare $eMonth '/' $eDay '/' $eYear;
    if(
    $todaysDate == $dateToCompare){
    //$aClass = '<span>' . $tDayName . '</span>';
    $aClass='class="today"';
    }else{
    //$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
    //echo $todaysDate;
    //return;
    $sql="select count(calDate) as eCount from calTbl where calDate = '" $eMonth '/' $eDay '/' $eYear "'";
    //echo $sql;
    //return;
    $result mysql_query($sql);
    while(
    $rowmysql_fetch_array($result)){
    if(
    $row['eCount'] >=1){
    $aClass 'class="event"';
    }elseif(
    $row['eCount'] ==0){
    $aClass ='class="normal"';
    }
    }
    }
    return 
    $aClass;
    }
    ?>
    <div id="Calendar_Event">
    <table width="350" cellpadding="0" cellspacing="0">
    <tr>
    <td width="50" colspan="1">
    <input type="button" value=" < " onClick="goLastMonth(<?php echo $month ", " $year?>);">
    </td>
    <td width="250" colspan="5">
    <span class="title" style="color:#FFFFFF"><?php echo $monthName " " $year?></span><br>
    </td>
    <td width="50" colspan="1" align="right">
    <input type="button" value=" > " onClick="goNextMonth(<?php echo $month ", " $year?>);">
    </td>
    </tr> 
    <tr>
    <th>M</td>
    <th>T</td>
    <th>W</td>
    <th>T</td>
    <th>F</td>
    <th>S</td>
    <th>S</td>
    </tr>
    <tr>
    <?php
    for($i 1$i $numDays+1$i++, $counter++){
    $dateToCompare $month '/' $i '/' $year;
    $timeStamp strtotime("$year-$month-$i");
    //echo $timeStamp . '<br/>';
    if($i == 1){
    // Workout when the first day of the month is
    $firstDay date("N"$timeStamp);
    for(
    $j 1$j $firstDay$j++, $counter++){
    echo 
    "<td>&nbsp;</td>";

    }
    if(
    $counter == ){
    ?>
    </tr><tr>
    <?php
    }
    ?>
    <!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='$month '&day=' $i '&year=' $year;?>&v=1"><?=$i;?></a></td> 
    <?php
    }
    ?>
    </table>
    </div>
    <div id="New_Event">
    <?php
    if(isset($_GET['v'])){
    if(isset(
    $_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" $_POST['calName'] ."','" $_POST['calDesc'] . "','" $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" $month '/' $day '/' $year "'";
    //echo $sql;
    //return;
    $result mysql_query($sql);
    $numRows mysql_num_rows($result);

    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='rhoda.barrera@dunlop.ph' AND Department='MIS'");
    if (
    mysql_num_rows($check)>0){ 
    ?>
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">t</a><?php
    }else{
    echo 
    'You cannot Add New Event';
    }
    ?>
    </div>
    <div id="Cal_Event">
    <?php
    if(isset($_GET['f'])){
    include 
    'calform.php';
    }
    if(
    $numRows == ){
    echo 
    '';
    }else{
    //echo '<ul>';
    echo '<h3>Event Listed</h3>';
    while(
    $row mysql_fetch_array($result)){
    ?>

    <h5><?=$row['calName'];?></h5>
    <?=$row['calDesc'];?><br/>
    Listed On: <?=$row['calStamp'];?>
    <?php
    }
    }
    }
    ?>
    </div>
    </body>
    </html>
    I have no idea where i can add session in my calendar

  12. #12
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by rhodarose View Post
    I have no idea where i can add session in my calendar
    On top:
    Code PHP:
    <?php
      session_start();
     
      $host = "localhost";
      $username = "";
      $password = "";
      $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database');
      $dbName = 'dspi';
      mysql_select_db($dbName);    
     
      // check if the session variables are set, and if they exist in the database
      if (isset($_SESSION['username']) && isset($_SESSION['Department'])) {
        $username = $_SESSION['username'];
        $department = $_SESSION['Department'];
        $query = "
          SELECT * 
          FROM tbllogin 
          WHERE Username = '" . mysql_real_escape_string($username) . "' 
          AND Department = '" . mysql_real_escape_string($department) . '"
        ";
        $result = mysql_query($query) or die("mysql error: " . mysql_error() .  " in query $query");
        if (mysql_num_rows == 0) {
          // if user-department doesn't exist, go to login page
          unset ($_SESSION['username']);
          unset ($_SESSION['department']);
          header("Location:login.php"); 
          exit();
        }
      } else {
      // user didn't login, go to login page
      unset ($_SESSION['username']);
      unset ($_SESSION['department']);
      header("Location:login.php"); 
      exit();
    ?>
    Later on in your code, you can change this check:
    Code PHP:
    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='xxxxx' AND Department='xxx'");
    if (mysql_num_rows($check)>0){
    into
    Code PHP:
    if ($username == 'xxxxx' && $department = 'xxxx') {

  13. #13
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    On top:
    Code PHP:
    <?php
      session_start();
     
      $host = "localhost";
      $username = "";
      $password = "";
      $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database');
      $dbName = 'dspi';
      mysql_select_db($dbName);    
     
      // check if the session variables are set, and if they exist in the database
      if (isset($_SESSION['username']) && isset($_SESSION['Department'])) {
        $username = $_SESSION['username'];
        $department = $_SESSION['Department'];
        $query = "
          SELECT * 
          FROM tbllogin 
          WHERE Username = '" . mysql_real_escape_string($username) . "' 
          AND Department = '" . mysql_real_escape_string($department) . '"
        ";
        $result = mysql_query($query) or die("mysql error: " . mysql_error() .  " in query $query");
        if (mysql_num_rows == 0) {
          // if user-department doesn't exist, go to login page
          unset ($_SESSION['username']);
          unset ($_SESSION['department']);
          header("Location:login.php"); 
          exit();
        }
      } else {
      // user didn't login, go to login page
      unset ($_SESSION['username']);
      unset ($_SESSION['department']);
      header("Location:login.php"); 
      exit();
    ?>
    Later on in your code, you can change this check:
    Code PHP:
    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='xxxxx' AND Department='xxx'");
    if (mysql_num_rows($check)>0){
    into
    Code PHP:
    if ($username == 'xxxxx' && $department = 'xxxx') {
    The top code is for what?or where i can put it?

    i have new condition in adding events but this code was not work because it falls on the else statement which is "You cannot add event."

    here is the code:
    PHP Code:
    <?php
    if(isset($_GET['v'])){
    if(isset(
    $_POST['Submit'])){
    $sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" $_POST['calName'] ."','" $_POST['calDesc'] . "','" $_POST['calDate'] . "',now())";
    mysql_query($sql);
    }
    $sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" $month '/' $day '/' $year "'";
    //echo $sql;
    //return;
    $result mysql_query($sql);
    $numRows mysql_num_rows($result);

    $check=mysql_query("SELECT * FROM tbllogin WHERE Username='".$_SESSION['Username']."' AND Department='".$_SESSION['Department']."' AND Permission='True'");
    if (
    mysql_num_rows($check)>0){ 
    ?>
    <a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' $_GET['day'] . '&year=' $_GET['year'];?>&v=1&f=true">t</a><?php
    }else{
    echo 
    'You cannot Add New Event';
    }
    ?>

  14. #14
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    On top of company.php.

  15. #15
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    the code is:
    PHP Code:
    <?php
    session_start
    ();
     
      
    $host "localhost";
      
    $username "";
      
    $password "";
      
    $dbCnx = @mysql_connect($host$username$password) or die('Could not Connect to the database');
      
    $dbName 'dspi';
      
    mysql_select_db($dbName);    
     
      
    // check if the session variables are set, and if they exist in the database
      
    if (isset($_SESSION['Username']) && isset($_SESSION['Department'])) {
        
    $username $_SESSION['Username'];
        
    $department $_SESSION['Department'];
        
    $query "
          SELECT * FROM tbllogin WHERE Username = '" 
    mysql_real_escape_string($username) . "' AND Department = '" mysql_real_escape_string($department) . '";
        $result = mysql_query($query) or die("mysql error: " . mysql_error() .  " in query $query");
        if (mysql_num_rows == 0) {
          //if user-department doesnt exist go to login page
          unset ($_SESSION['
    Username']);
          unset ($_SESSION['
    Department']);
          header("Location:index.php"); 
          exit();
        }
      } else {
      //user didnt login, go to login page
      unset ($_SESSION['
    Username']);
      unset ($_SESSION['
    Department']);
      header("Location:index.php"); 
      exit();
    ?>
    I got an error:
    Parse error: parse error in D:\xampp\htdocs\dspi_intranet\calendar_event.php on line 21

  16. #16
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Yes, I made a typing mistake in the query, I switched a single and double quote. I'm sure you'll be able to locate and correct the error

  17. #17
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    <?php
    session_start
    ();
     
      
    $host "localhost";
      
    $username "";
      
    $password "";
      
    $dbCnx = @mysql_connect($host$username$password) or die('Could not Connect to the database');
      
    $dbName 'dspi';
      
    mysql_select_db($dbName);    
     
      
    // check if the session variables are set, and if they exist in the database
      
    if (isset($_SESSION['Username']) && isset($_SESSION['Department'])) {
        
    $username $_SESSION['Username'];
        
    $department $_SESSION['Department'];
        
    $query "SELECT * FROM tbllogin WHERE Username = '" mysql_real_escape_string($username) . "' 
          AND Department = '" 
    mysql_real_escape_string($department) . '"";
        $result = mysql_query($query) or die(mysql error: ' 
    mysql_error() .  'in query $query');
        if (
    mysql_num_rows == 0) {
          
    // if user department doesnt exist, go to login page
          
    unset ($_SESSION['Username']);
          unset (
    $_SESSION['Department']);
          
    header("Location:index.php"); 
          exit();
        }
      } else {
      
    // user didn't login, go to login page
      
    unset ($_SESSION['Username']);
      unset (
    $_SESSION['Department']);
      
    header("Location:index.php"); 
      exit();
      
    ?>
    i edit the code and theres an error again:
    Parse error: parse error in D:\xampp\htdocs\dspi_intranet\calendar_event.php on line 17

  18. #18
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    You didn't solve the error.

  19. #19
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yes

  20. #20
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    the line error is this

    $result = mysql_query($query) or die(mysql error: ' . mysql_error() . 'in query $query');

    i don't know why it cause error

  21. #21
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,506
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Yes, there's an error in that line. Just return it to the way I wrote it.
    The other (first) error is in the line above. It should be
    Code PHP:
    $query = "SELECT * FROM tbllogin WHERE Username = '" . mysql_real_escape_string($username) . "' 
          AND Department = '" . mysql_real_escape_string($department) . "'";
    By the way, are you writing this application for yourself, as a study project? Or is it real work?

  22. #22
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    Yes, there's an error in that line. Just return it to the way I wrote it.
    The other (first) error is in the line above. It should be
    Code PHP:
    $query = "SELECT * FROM tbllogin WHERE Username = '" . mysql_real_escape_string($username) . "' 
          AND Department = '" . mysql_real_escape_string($department) . "'";
    By the way, are you writing this application for yourself, as a study project? Or is it real work?
    it is real work and i am a fresh grad and i am new in php.

  23. #23
    SitePoint Addict
    Join Date
    Jul 2010
    Posts
    247
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I put the code again and still error is
    Parse error: parse error in D:\xampp\htdocs\web_intranet\calendar_event.php on line 17


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •