I have the following PHP script that selects MySQL data and displays all the different users' data in a table.
What I need is to limit this data to only that of the logged-in user for that session. As in only the single ID, name and email of the person logged in instead of the table showing all user data.
I assume I need to "SELECT * FROM usertable where (something) = (something)", I'm just not sure where to go from here.
Any help would be appreciated.
<?php
$con=mysqli_connect("localhost","myusername","mypassword","mydatabase");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM usertable");
echo "<table border='1'>
<tr>
<th>ID</th>
<th>Firstname</th>
<th>Lastname</th>
<th>Email</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['firstname'] . "</td>";
echo "<td>" . $row['lastname'] . "</td>";
echo "<td>" . $row['emailaddress'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
Well you are right you need a WHERE clause there in your statement.
If you have someone logged in and are looking for that persons name is logged in first store the id in a variable such as a $_SESSION variable your statement would look like SELECT * FROM usertable WHERE id = {$_SESSION['id']}
So first you would need a function when a user logs to store it
$_SESSION['id'] = row['id']
or If your looking for a specific first/lastname combo:
"SELECT * FROM usertable WHERE firstname = '{$firstname}' AND lastname = '{$lastname}' SESSION ID don't mean you need to make something like $_SESSION['user_id'].
Remember SESSION is like ghost, sometime it's can be lost with no trace. Try to used simple cookie to confirm session data store within database. Just make a limit to that cookie, so after several time, the cookie will be destroy and renew with complete diferent value.
For your question is simple,...
SELECT * FROM 'tablename' WHERE 'table_field' LIKE 'table_value'