How do I use $_SESSION['userId'] to filter the rows that the loggen in user can view / edit?

How do I use $_SESSION['userId'] to filter the rows that the loggen in user can view / edit?

IanFCliffenIanFCliffen Posts: 3Questions: 1Answers: 0

I am new to Datatables and have spent a couple of days trying to find the solution without making any head way. So please forgive me if this is a newbie question.
I have made the table without any issues but when I try to restrict the logged in users acces to the full table data I run into problems.

In the WHERE clause (line 57) I can manually enter the user Id (in this case 94) and the rows are showing as required. However, when I replace 94 with $_SESSION['userId'] - (->where( 'vendors.id', $_SESSION['vendor'] )) I get the "DataTables warning: table id=example - Invalid JSON response. For more information about this error, please see http://datatables.net/tn/1" error message.

The $_SESSION has been called at the top of the page and an echo test does display the logged in user Id correctly.

Clearly I am making a very basic error but can't see a way forward....
Thanks
Ian

<?php
// DataTables PHP library
include( "../../php/DataTables.php" );


// Alias Editor classes so they are easy to use
use
    DataTables\Editor,
    DataTables\Editor\Field,
    DataTables\Editor\Format,
    DataTables\Editor\Mjoin,
    DataTables\Editor\Options,
    DataTables\Editor\Upload,
    DataTables\Editor\Validate;




/*
 * Example PHP implementation used for the join.html example
 */
Editor::inst( $db, 'vendors' )
    ->field( 
    
    Field::inst( 'vendors.id' ),
    
            Field::inst( 'events.venue_id' )
            ->options( Options::inst()
                ->table( 'venues' )
                ->value( 'id' )
                ->label( 'name' )
            )
            ->validator( 'Validate::dbValues' ),
        Field::inst( 'venues.name' ),
    
    
        Field::inst( 'events.qual_id' )
            ->options( Options::inst()
                ->table( 'qualifications' )
                ->value( 'id' )
                ->label( 'name' )
            )
            ->validator( 'Validate::dbValues' ),
        Field::inst( 'qualifications.name' ),
        
        Field::inst( 'events.date' ),
        Field::inst( 'events.end_date' ),
        Field::inst( 'events.currency' ),
        Field::inst( 'events.vat_status' ),
        Field::inst( 'events.price' ),
        Field::inst( 'events.disabled' )


    )

    
    ->where( 'vendors.id', 94 )
    ->leftJoin( 'events', 'events.vendor_id', '=', 'vendors.id')
    ->leftJoin( 'venues', 'venues.id', '=', 'events.venue_id' )
    ->leftJoin( 'qualifications', 'qualifications.id', '=', 'events.qual_id' )
    
    
    
//  

    
    ->process($_POST)
    ->json();

This question has an accepted answers - jump to answer

Answers

  • allanallan Posts: 63,464Questions: 1Answers: 10,466 Site admin

    It should be that ->where( 'vendors.id', $_SESSION['userId'] ) would do it. I don't see a session_start() in your code, but perhaps it is being included from somewhere else?

    If the server is returning invalid JSON, likely that will contain an error message. What is that error message?

    Allan

  • IanFCliffenIanFCliffen Posts: 3Questions: 1Answers: 0

    Hi Allan,
    Many thanks for diving into this for me.
    The session_start() is included elsewhere and it does return the correct user_Id if I add it to the top of the table as a test.

    I have changed the -> where as you suggested and the error message is:

    DataTables warning: table id=example - Invalid JSON response. For more information about this error, please see http://datatables.net/tn/1

  • allanallan Posts: 63,464Questions: 1Answers: 10,466 Site admin
    Answer ✓

    As it is returning invalid JSON, it will most likely contain an error message. What is that error message?

    Thanks,
    Allan

  • IanFCliffenIanFCliffen Posts: 3Questions: 1Answers: 0

    Hi Allan,
    Thanks for pointing me in the right direction

    Your
    ->where( 'vendors.id', $_SESSION['userId'] )

    only needed to be changed to

    ->where( 'vendors.id', $_SESSION['vendor'] )

    Problem solved - couldn't have done it without you!

    Thanks and best wishes
    Ian

This discussion has been closed.