Help with PHP

[itsmemario]

im wondering on this code



account means normal account not staff account right if you look on the database staff and normal account was same tbl?for example tbl_accountblahblah or tbl_accountblahblah i think your code was for normal account not for staff please check your code clearly or read what the codes for staff or for normal account or better give the whole files here so i can help you

Account is for Account table (guess you know that lol), but both admin and user accounts are in that table. Difference between user and admin is, user has UGradeID column set to 0, admin have it set to 255.

[Montage]

can you upload or give direct link of the files that you use if you want to help you out?

[Keristrasza]

Oh I see, makes sense... is the code bellow correct? I'm not sure how to use if statement to check if UGradeID = 255

PHP Code:

$aaa = mssql_query("SELECT UGradeID FROM Account WHERE AID = '".$char['AID']"'"); 


you're missing a dot on the right side of $char['AID'] and that doesn't look escaped but I guess it'll be ok if you got that value from the db u__u

also you don't need single quotes around an integer in sql o-o

[itsmemario]

you're missing a dot on the right side of $char['AID'] and that doesn't look escaped but I guess it'll be ok if you got that value from the db u__u

also you don't need single quotes around an integer in sql o-o

I see, but how can I get that value from DB? I think that would be an 'if' but I can't think on how to do it...

[Keristrasza]

as in, if $char['AID'] is an integer you got from the db, instead of something you got from user input or w/e, then it'll be fine

[itsmemario]

as in, if $char['AID'] is an integer you got from the db, instead of something you got from user input or w/e, then it'll be fine

I tought of many ways but none of them worked >.<

Could you assist me on this?

I'm not sure if that's anywhere nearly correct.

PHP Code:

        <?php        
        ini_set('memory_limit', '-1');
        $aaa = mssql_query("SELECT UgradeID FROM Account WHERE AID = '".$char['AID']."'");
        mssql_fetch_assoc($aaa);?>
        <?php if(What to put here? == 255){ ?>
         <li><a href="index.php?act=admin" class="admin_button"></a></li>
        <?php } ?>

can you upload or give direct link of the files that you use if you want to help you out?

here it is
web

the button part is incorrect tho.

[Keristrasza]

Code:

<?php
ini_set('memory_limit', '-1');
$aaa = mssql_query("SELECT UGradeID FROM Account WHERE AID = '".$char['AID']."'");
$row = mssql_fetch_assoc($aaa);
$_SESSION['UGradeID'] = $row['UGradeID'];?>
<?php if($_SESSION['UGradeID'] == 255){ ?>
 <li><a href="index.php?act=admin" class="admin_button"></a></li>
<?php } ?>

that looks correct but I don't know php :9

[itsmemario]

Code:

<?php
ini_set('memory_limit', '-1');
$aaa = mssql_query("SELECT UGradeID FROM Account WHERE AID = '".$char['AID']."'");
$row = mssql_fetch_assoc($aaa);
$_SESSION['UGradeID'] = $row['UGradeID'];?>
<?php if($_SESSION['UGradeID'] == 255){ ?>
 <li><a rel="nofollow" href="index.php?act=admin" class="admin_button"></a></li>
<?php } ?>

that looks correct but I don't know php :9

I tried that but it doesn't shows the button now... Well let's just hope someone with higher PHP knowledge than ours helps me out, I suppose it wouldn't be too hard for them.

[Dave]

PHP Code:

<?php
   $row = mssql_fetch_assoc(mssql_query("SELECT UGradeID FROM Account WHERE UserID = '" . $_SESSION['user'] . "'"));
   if($_SESSION['UGradeID'] = $row['UGradeID'] == 255){ 
?>
   <li><a rel="nofollow" href="index.php?act=admin" class="admin_button"></a></li>
<?php } ?>

You should really look into PDO though.

[itsmemario]

PHP Code:

<?php
   $row = mssql_fetch_assoc(mssql_query("SELECT UGradeID FROM Account WHERE UserID = '" . $_SESSION['user'] . "'"));
   if($_SESSION['UGradeID'] = $row['UGradeID'] == 255){ 
?>
   <li><a rel="nofollow" href="index.php?act=admin" class="admin_button"></a></li>
<?php } ?>

You should really look into PDO though.

Thanks a lot Dave, that worked! Truly appreciate your help!! Take care.