Javascript Hide And show field values

chrisiboy · September 30, 2012, 1:43pm

Hi Guys,

Need help quick! I have a table, one field that is either 1 or 0. I want to write a javascript field to check if it is a 1 or 0, if it is a 1, I then want to show my textboxes, if it’s a 0, it means he does not have permission to enter data so then I want to hide the needed textboxes… I think it is needed that a call this function in my class… Any ideas?

rltamm · September 30, 2012, 4:01pm

you can post the PHP code for the page you are working with, might make it easier for anyone looking to assist you, knowing what you are working with can help “create” a functional code for you with the results you are looking for.

chrisiboy · October 1, 2012, 10:30am

Well below is my login function, it goes to a menu page where you then select add new user. I then want the mysql table if it = 1 or 0, if 0, hide my fields, if 1 don’t hide it.

public function Login($username, $password)
{
	$cmd = "select 
				airtime_user_id, 
				passwd_change_flag, 
				mod_download_cdr, 
				mod_download_sim_summary, 
				mod_user_add, 
				mod_user_permissions,
				mod_custom_reports,
				logo_file,
                                    mod_interactive_report,
                                    is_admin,
                                    mod_admin_tools
			FROM airtime_users
			where username = '" . $this->CheckInjection($username) . "' and passwd = '" . md5($password) . "'";
			
	if(!$result = $this->db->RetrieveCommandExec($cmd))
	{
		echo($this->db->GetError());
		return false;
	}
	else
	{
		session_start();
		
		$_SESSION['auth']['user'] =  $this->CheckInjection($username);
		$_SESSION['auth']['user-id'] = $result[0]['airtime_user_id'];
		$_SESSION['auth']['passwd-change'] = $result[0]['passwd_change_flag'];
		$_SESSION['auth']['mod-download-cdr'] = $result[0]['mod_download_cdr'];
		$_SESSION['auth']['mod-download-sim-summary'] = $result[0]['mod_download_sim_summary'];
		$_SESSION['auth']['mod-user-add'] = $result[0]['mod_user_add'];
		$_SESSION['auth']['mod-user-permissions'] = $result[0]['mod_user_permissions'];
		$_SESSION['auth']['mod-custom-reports'] = $result[0]['mod_custom_reports'];
                    $_SESSION['auth']['mod-interactive-reports'] = $result[0]['mod_interactive_report'];
                    $_SESSION['auth']['is-admin'] = $result[0]['is_admin'];
                    $_SESSION['auth']['mod-support-tools'] = $result[0]['mod_admin_tools'];
        $_SESSION['auth']['logo-file'] = $result[0]['logo_file'];
		return true;
	}
	
	return false;
}

chrisiboy · October 1, 2012, 10:49am

This is actualy the better part. The save function will get the info entered into the textboxes, it looks if you are allowed to edit, but I still don’t know how I am going to add coding that actualy hides the textboxes according to isAdmin or is not Admin.

public function saveUser($userId, $isAdmin, $editUserID, $postValues)
{
    $user = new AirtimeUser($editUserID);
    if(!$isAdmin)
    {
        // verify this user is allowed to edit the selected user.
        if($user->isNewUser())
        {
            $user->set_parent_user_id($userId);
        }
        else
        {
            if($user->get_parent_user_id() <> $userId)
            {
                return false;
            }
        }
    }
    
    $user->set_mod_download_cdr ($postValues['mod_download_cdr']);
    $user->set_mod_download_sim_summary ($postValues['mod_download_sim_summary']);
    $user->set_mod_user_add ($postValues['mod_user_add']);
    $user->set_mod_user_permissions ($postValues['mod_user_permissions']);
    $user->set_mod_custom_reports ($postValues['mod_custom_reports']);
    $user->set_mod_interactive_report ($postValues['mod_interactive_report']);
    $user->set_username ($postValues['username']);
    $user->set_passwd ($postValues['passwd']);
    
    // now we try to save the bastard.
    $output = $this->getUserEditForm($user);

    if(!$user->save())
    {
        $output = $output . "ERROR Saving the user: (" . $user->getErrorNo() . ") " . $user->getError();
    }
    else
    {
        $output = $output . "User has been saved.";
    }
    
    return $output;
}

malasho · October 1, 2012, 6:42pm

chrisiboy,

I would advise against using javascript for this, instead I would use a php if statement in your form so that the checkboxes are not created if the user shouldn’t have access to them.

For example:[php]

<?php if(!empty($isAdmin)) // User is admin, create text boxes. { echo '
'; echo '
'; } [/php] The problem with doing this in javascript is that javascript is client side, meaning that you are still sending all of the checkboxes to the user's browser and relying on them having javascript enabled in order to hide them. If they aren't allowing javascript, the checkboxes will still appear. It is trivial for a user to display and use the checkboxes even if they are using javascript. Either way that you do it, you need to make sure that you are checking for admin rights before processing any $_POST variables that the user shouldn't be using. Should you wish to proceed with doing this with javascript, at a minimum we would need to see the code for your html form (we may need to see all the code for the page in order to get it to work), and it would help to know if you are using CSS. If so, is it in a required or included file, or coded in an html element with your other code? Let us know.

chrisiboy · October 2, 2012, 7:16am

Makes perfect sense to not use Javascript, Thanks! However I realy don’t know how to implement the code above to my class… What I have done, is insert my classes. Hope you guys can help… Thanks in advance!
[php]

<?php error_reporting(E_ERROR); require_once ('config.php'); require_once 'class.AirtimeUser.php'; /* * To change this template, choose Tools | Templates * and open the template in the editor. */ class UserMod { private $dbHost = ""; private $dbUser = ""; private $dbPass = ""; private $dbName = ""; public function UserMod() { global $site; $this->dbHost = $site['db']['db_host']; $this->dbUser = $site['db']['db_user']; $this->dbPass = $site['db']['db_pass']; $this->dbName = $site['db']['db_name']; } //Search Function public function getUsers($userId, $isAdmin, $filterUsername = "") { $cmd = "SELECT airtime_users.airtime_user_id, airtime_users.username, airtime_users.is_admin FROM airtime_users where airtime_users.username like '%$filterUsername%'"; if($isAdmin != 1) { $cmd = $cmd . " and airtime_users.parent_user_id = " . $userId; } $result = $this->execCommand($cmd); $output = $this->buildUserModGrid($result, $filterUsername); return $output; } public function showUser($userId, $isAdmin, $editUserID) { $user = new AirtimeUser($editUserID); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->isNewUser()) { $user->set_parent_user_id($userId); } else { if($user->get_parent_user_id() <> $userId) { alert('You do not have the permission to edit a user!'); return false; } } } return $this->getUserEditForm($user); } //New added function with less permissions private function getUserEditForm(AirtimeUser $user) { $output = ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . "

User Id	" . $user->get_airtime_user_id () . "
CDR Download permission
SIM Summary download permission
Allow user management
Allow permission management
Allow access to custom reports
Allow access to interactive reports
Username
Password
Parent User
get_airtime_user_id () . ");\">Save User"; if(!$user->isNewUser()) { $output = $output . " :: get_airtime_user_id () . ");\">Modify SIM permissions"; $output = $output . " :: get_airtime_user_id () . ");\">Modify Report permissions"; } $output = $output . "

"; return $output; } public function execCommand($cmd) { $con = new mysqli($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName) or die ('Could not connect to the database server' . mysqli_connect_error()); $result = $con->query($cmd); $con->close(); return $result; } public function saveUser($userId, $isAdmin, $editUserID, $postValues) { $user = new AirtimeUser($editUserID); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->isNewUser()) { $user->set_parent_user_id($userId); } else { if($user->get_parent_user_id() <> $userId) { return false; } } } $user->set_mod_download_cdr ($postValues['mod_download_cdr']); $user->set_mod_download_sim_summary ($postValues['mod_download_sim_summary']); $user->set_mod_user_add ($postValues['mod_user_add']); $user->set_mod_user_permissions ($postValues['mod_user_permissions']); $user->set_mod_custom_reports ($postValues['mod_custom_reports']); $user->set_mod_interactive_report ($postValues['mod_interactive_report']); $user->set_username ($postValues['username']); $user->set_passwd ($postValues['passwd']); // now we try to save the bastard. $output = $this->getUserEditForm($user); if(!$user->save()) { $output = $output . "ERROR Saving the user: (" . $user->getErrorNo() . ") " . $user->getError(); } else { $output = $output . "User has been saved."; } return $output; } private function buildUserModGrid(mysqli_result $result, $filterCriteria) { $outputHeader = ""; $outputFooter = ""; if(!$result) { // we have an empty result set $output = ""; } else { $output = ""; $result->close(); } return $outputHeader . $output . $outputFooter; } public function getReportListForPermissions($userId, $userRole, $editUser) { $user = new AirtimeUser($editUser); $parent = new AirtimeUser($userId); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->get_parent_user_id() <> $parent->get_airtime_user_id()) { return false; } } $cmd = " SELECT if(airtime_user_reports.report_id in (select airtime_user_reports.report_id from airtime_user_reports where airtime_user_reports.user_id = " . $user->get_airtime_user_id() . "), 1, 0) AS linked_to_child, airtime_user_reports.report_id, airtime_reports.report_name FROM airtime_user_reports INNER JOIN airtime_users ON airtime_user_reports.user_id = airtime_users.airtime_user_id INNER JOIN airtime_reports ON airtime_user_reports.report_id = airtime_reports.report_id WHERE airtime_users.airtime_user_id = " . $parent->get_airtime_user_id(); $result = $this->execCommand($cmd); // now we can build an output form listing the available SIMs $output = "

Filter by Username:

Search

Add new

No users matching your criteria or permissions

"; $fields = $result->fetch_fields(); $output = $output . ""; foreach($fields as $fld) { $output = $output . ""; } $output = $output . ""; $output = $output . ""; while($row = $result->fetch_array(MYSQLI_NUM)) { $output = $output . ""; foreach($row as $fieldVal) { $output = $output . ""; } $output = $output . ""; $output = $output . ""; } $output = $output . "

" . $fld->name . "	Options
$fieldVal	Edit

"; // first, a brief header $output = $output . ""; // now we can print the SIMs for linking $output = $output . ""; $output = $output . "

Logged In as:" . $parent->get_username() . "

Editing permissions for:" . $user->get_username() . "

"; $output = $output . ""; $output = $output . ""; if(!$result) $output = $output . ""; else { while($row = $result->fetch_array(MYSQLI_ASSOC)) { if($row['linked_to_child'] == 1) { $output = $output . ""; } else { $output = $output . ""; } $output = $output . ""; } $output = $output . ""; } $output = $output . "

Link	Report Name
No Reports available for link

	" . $row['report_name'] . "
get_airtime_user_id() . ")\">Save Permissions

"; return $output; } public function getSimlistForPermission($userId, $userRole, $editUser) { $user = new AirtimeUser($editUser); $parent = new AirtimeUser($userId); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->get_parent_user_id() <> $parent->get_airtime_user_id()) { return false; } } $cmd = " SELECT if(packages.package_id in (select airtime_user_sims.package_id from airtime_user_sims where airtime_user_sims.airtime_user_id = " . $user->get_airtime_user_id() . "), 1, 0) as linked_to_child, packages.package_id, packages.msisdn, packages.icc_id, packages.user_1, packages.user_2, packages.user_3, packages.user_4, packages.user_5 FROM airtime_users INNER JOIN airtime_user_sims ON airtime_users.airtime_user_id = airtime_user_sims.airtime_user_id INNER JOIN packages ON packages.package_id = airtime_user_sims.package_id where airtime_users.airtime_user_id = " . $parent->get_airtime_user_id(); $result = $this->execCommand($cmd); // now we can build an output form listing the available SIMs $output = ""; // first, a brief header $output = $output . ""; // now we can print the SIMs for linking $output = $output . ""; $output = $output . "

Logged In as:" . $parent->get_username() . "

Editing permissions for:" . $user->get_username() . "

"; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; if(!$result) $output = $output . ""; else { while($row = $result->fetch_array(MYSQLI_ASSOC)) { if($row['linked_to_child'] == 1) { $output = $output . ""; } else { $output = $output . ""; } $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; $output = $output . ""; } $output = $output . ""; } $output = $output . "

Link	msisdn	icc_id	user_1	user_2	user_3	user_4	user_5
No SIMS available for link

	" . $row['msisdn'] . "	" . $row['icc_id'] . "	" . $row['user_1'] . "	" . $row['user_2'] . "	" . $row['user_3'] . "	" . $row['user_4'] . "	" . $row['user_5'] . "
get_airtime_user_id() . ")\">Save Permissions

"; return $output; } public function saveUserSimPermissions($userId, $isAdmin, $editUserID, $postValues) { $user = new AirtimeUser($editUserID); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->get_parent_user_id() <> $userId) { return false; } } $con = new mysqli($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName) or die ('Could not connect to the database server' . mysqli_connect_error()); // we need a transaction $con->autocommit(false); if(!$con->query("delete from airtime_user_sims where airtime_user_id = " . $user->get_airtime_user_id())) { echo("Error: " . $con->errno . ": " . $con->error . " while resetting permissions."); $con->rollback(); $con->close(); return false; } if(!$stmt = $con->prepare("insert into airtime_user_sims (airtime_user_id, package_id) values (?,?)")) { echo("Error: " . $con->errno . ": " . $con->error . " while resetting permissions."); $con->rollback(); $con->close(); return false; } $packageID = null; $stmt->bind_param('ii', $user->get_airtime_user_id(), $packageID); foreach($postValues['linkedPackages'] as $packageID) { if(!$stmt->execute()) { echo("Error setting permission for $packageID: " . $stmt->errno . ": " . $stmt->error); $con->rollback(); $stmt->close(); $con->close(); return false; } } $con->commit(); $con->close(); $stmt->close(); return $this->getSimlistForPermission($userId, $userRole, $editUserID) . "All changes saved."; } public function saveUserReportPermissions($userId, $isAdmin, $editUserID, $postValues) { $user = new AirtimeUser($editUserID); if(!$isAdmin) { // verify this user is allowed to edit the selected user. if($user->get_parent_user_id() <> $userId) { return false; } } $con = new mysqli($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName) or die ('Could not connect to the database server' . mysqli_connect_error()); // we need a transaction $con->autocommit(false); if(!$con->query("delete from airtime_user_reports where user_id = " . $user->get_airtime_user_id())) { echo("Error: " . $con->errno . ": " . $con->error . " while resetting permissions."); $con->rollback(); $con->close(); return false; } if(!$stmt = $con->prepare("insert into airtime_user_reports (user_id, report_id) values (?,?)")) { echo("Error: " . $con->errno . ": " . $con->error . " while resetting permissions."); $con->rollback(); $con->close(); return false; } $report_id = null; $stmt->bind_param('ii', $user->get_airtime_user_id(), $report_id); foreach($postValues['linkedReports'] as $report_id) { if(!$stmt->execute()) { echo("Error setting permission for $report_id: " . $stmt->errno . ": " . $stmt->error); $con->rollback(); $stmt->close(); $con->close(); return false; } } $con->commit(); $con->close(); $stmt->close(); return $this->getReportListForPermissions($userId, $userRole, $editUserID) . "All changes saved."; } } ?>

[/php]