php mysql if id in field
My database
comments
ID mID aID attachID
1 1 6 1
2 2 6 1
3 3 开发者_运维问答 6 1
4 8 6 2
5 4 6 2
So i'd like to allow access to user with mID to access attachID.
If they are viewing attachID 1, so users with mID of 1 or 2 or 3 can view. rest mID cannot.
EDIT : for attachID 1, users with mID 1 can see which other mID user can view too.
What would be the best approach to accomplish this?
function authorize($m_id, $a_id) {
$query = <<<SQL
SELECT
TRUE
FROM
db.Table
WHERE
m_id = $m_id
AND a_id = $_aid
SQL;
return mysql_num_rows(mysql_query($query));
}
This function will return TRUE if m_id is authorized for a_id, false otherwise. Then on your php page you have something like:
if (!authorize($m_id, $a_id)) {
header('Location: /not_authorized.php');
}
// Show normal apge for authorized user
If returns 0, user isn't authorized to view:
select count(1) from comments where mID = '$mID' and attachID = '$attachID'
Get all mIDs for a given attachID which can then be displayed to the user viewing the given attachID:
select mID from comments where attachID = '$attachID'
精彩评论