William Gill schreef:
I have a db of people in a group and want to allow individual group
members a way to view and update their own contact information, but not
anyone else's. I assume the safest/smartest way is via the php script
checking the user/pwd of the form submitter to determine if the update
query should be allowed (using a user permission given to the script,
not the individual).
Hi,
Without knowing the first thing about your setup, I'd say: yes.
I always use sessions for this.
User logs in: If username/password are correct, set $_SESSION["userid"]
= ...
The if they later on change their contactinfo:
$SQL = "UPDATE .... WHERE (userid=".$_SESSION["userid"].");";
Regards,
Erwin Moller
--
============================
Erwin Moller
Now dropping all postings from googlegroups.
Why?
http://improve-usenet.org/
============================