Filter specific records only?

PHP
1

Hi guys I’m trying to modify the jqGrid jquery plugin.
So that it will only display records that is according to the currently logged-in username, an not to display all the records.

here is the modified jqGridCrud.php codes,


more codes here...

switch($postConfig['action']){
	case $crudConfig['read']:
		/* ----====|| ACTION = READ ||====----*/
		if($DEBUGMODE == 1){$firephp->info('READ','action');}
		/*query to count rows*/
		$username = $_SESSION['Username'];
		
		$sql="select count({$postConfig['id']}) as numRows FROM $crudTableName WHERE '.$postConfig[username].'='$username'";
		//$sql='select count('.$postConfig['id'].') as numRows from '.$crudTableName;
		if($DEBUGMODE == 1){$firephp->info($sql,'query');}
		$result = mysql_query($sql) or die(mysql_error());
		$row = mysql_fetch_array($result,MYSQL_NUM);
		$count = $row[0];
		if($DEBUGMODE == 1){$firephp->info($count,'rows');}
		$intLimit = $postConfig['limit'];
		/*set the page count*/
		if( $count > 0 && $intLimit > 0) { $total_pages = ceil($count/$intLimit); } 
		else { $total_pages = 1; } 
		if($DEBUGMODE == 1){$firephp->info($total_pages,'total_pages');}
		$intPage = $postConfig['page'];
		if ($intPage > $total_pages){$intPage=$total_pages;}
		$intStart = (($intPage-1) * $intLimit);
		/*Run the data query*/
		$sql = 'select '.implode(',',$crudColumns).' from '.$crudTableName;
		if($postConfig['search'] == 'true'){
			//$sql .= ' WHERE ' . $postConfig['searchField'] . ' ' . fnSearchCondition($_POST['searchOper'], $postConfig['searchStr']);
		}
		$sql .= ' WHERE '.$postConfig[username].' = '.$username;
		$sql .= ' ORDER BY ' . $postConfig['sortColumn'] . ' ' . $postConfig['sortOrder']; 
		$sql .= ' LIMIT '.$intStart.','.$intLimit;
		
		//if($postConfig['search'] == true){ $sql .= ' where '.$searchCondition; }
		if($DEBUGMODE == 1){$firephp->info($sql,'query');}
		$result = mysql_query( $sql ) 
		or die($firephp->error('Couldn t execute query.'.mysql_error()));
		/*Create the output object*/
		$o->page = $intPage; 
		$o->total = $total_pages;
		$o->records = $count;
		$i=0;
		while($row = mysql_fetch_array($result,MYSQL_NUM)) { 
			/* 1st column needs to be the id, even if it's not named ID */
			$o->rows[$i]['id']=$row[0];
			/* assign the row contents to a row var. */
			$o->rows[$i][$crudConfig['row']]=$row;
			$i++; 
		}

more codes here...

But unfortunately I tried many times modifying it, but it seems I can’t get the right formula.

You can find the original and complete template plugin here,
PHP CRUD template for jqGrid | SuddenDevelopment

Thanks in advanced.

2

Debug with this to see if your query looks right:


echo $sql;

This part looks wrong to me:


$sql .= ' WHERE '.$postConfig[username].' = '.$username;

The username won’t be inside quotes within $sql. Your query will look like this:
WHERE username=myusername

Try


$sql .= "WHERE $postConfig[username]='$username' ";

BUT you must have already escaped $postConfig[‘username’] and $username before using it the query, or you’ll get hacked.