John
Reputation: 1629
Administrator search query
I have a search form, where user can look up estates he owns (search by number or keyword).
Every estate in table has an user ID to identify the owner.
$userID variable (from login session).
$accessLevel variable (from login session). / checks if user is admin
$req variable (keyword from form input)
SELECT esName, esID, esAddress FROM estates WHERE
(esName LIKE '$req' OR esID LIKE '$req')
AND userID='$userID'"
Now, my question is how to create an administrator access. Administrator can check all the existing estates, no matter who owns them. Is there any other option than independent queries for admins?
I have like 7 different queries for different databases (depends on radio button selection (for example: estates, payments, etc.)), and making another query for every single database would be a reall mess.
Upvotes: 0
Views: 71
Answers (2)
invisal
Reputation: 11181
If you are looking for one query that works for both administrator and regular user.
$admin_access = 'true'; // if user is administrator
$admin_access = 'false'; // if user is not administrator
$query = "SELECT esName, esID, esAddress FROM estates WHERE
(esName LIKE '$req' OR esID LIKE '$req')
AND (userID='$userID' OR $admin_access)";
Upvotes: 1
Andreas Linden
Reputation: 12721
$qry = "SELECT esName, esID, esAddress FROM estates WHERE
(esName LIKE '$req' OR esID LIKE '$req')" .
($accessLevel == 'admin' ? "" : " AND userID='$userID'");
Upvotes: 1