POST/Hide textboxes according to the permission value in a MySQL table

Hi Guys,

I have a table that has a field “mod_user_permissions”. Currently the form posts all the textboxes; I want it to work as follows:

If the value = 1, post as follows:
[php]
$output = “<form name=“main” method=“post”>”;//Output is set as a POST function
$output = $output . “

”;//Create a table and display each texbox and value
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “"; for($i = 0; $i<count($arr); $i++) { //get the keyname $ret .= ""; } $ret .= ""; return $ret; } private function GetBodyFromArray($arr, $classOdd = "", $classEven = "") { $counter = 0; foreach($arr as $row) { //get the keyname $ret .= ""; if($i&1) $rw_class = $classEven; else $rw_class = $classOdd; foreach($row as $fld) { if(substr($fld , 0,3) == "../" OR substr($fld , 0,3) == "htt") { $ret .= ""; } else { $ret .= ""; } } $ret .= ""; } return $ret; } private function GetCSVHeader($arr, $sep=",") { $ret = ""; for($i = 0; $iKeyName($arr, $i) . ""; else $ret .= "$sep" . $this->KeyName($arr, $i) . ""; } $ret .= "\r\n"; return $ret; } function GetCSVContent($arr, $sep=",") { foreach($arr as $row) { $out = ""; foreach($row as $fld) { if($out == "") { $out .= "" .$fld. ""; } else { $out .= "$sep" .$fld. ""; } } $ret .= $out . "\r\n"; } return $ret; } private function KeyName($myArray,$pos) { // $pos--; /* uncomment the above line if you */ /* prefer position to start from 1 */ if ( ($pos < 0) || ( $pos >= count($myArray) ) ) return "NULL"; // set this any way you like reset($myArray); for($i = 0;$i < $pos; $i++) next($myArray); return key($myArray); } private function BuildResultGrid($result) { $output = $this->GetHeaderFromArray($result[0],"gridHeader"); $output = $output . $this->GetBodyFromArray($result, "gridOdd", "gridEven"); return "
User Id ” . $user->get_airtime_user_id () . “
CDR Download permission
SIM Summary download permission
Allow user management
Allow permission management
Allow access to custom reports
Allow access to interactive reports
Username
Password
Parent User
<a href=“javascript:saveUser(” . $user->get_airtime_user_id () . “);”>Save User”;
          if(!$user->isNewUser())//If not new user, only for edit
            {
              $output = $output . " :: <a href=\"javascript:setSimPermissions(" . $user->get_airtime_user_id () . ");\">Modify SIM permissions</a>";
              $output = $output . " :: <a href=\"javascript:setReportPermissions(" . $user->get_airtime_user_id () . ");\">Modify Report permissions</a>";
            }
    
          $output = $output . "</td></tr>";
          $output = $output . "</table></form>";
    
      
      return $output;

[/php]

If the value = 0, I want to post the following:

[php]
$output = “<form name=“main” method=“post”>”;//Output is set as a POST function
$output = $output . “

”;//Create a table and display each texbox and value
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “
User Id ” . $user->get_airtime_user_id () . “
CDR Download permission
SIM Summary download permission
Username
Password
<a href=“javascript:saveUser(” . $user->get_airtime_user_id () . “);”>Save User”;
$output = $output . “
”;
[/php]

Here is my login class. What can I add to do this whole procedure?

[php]

<?php
// Report only E_ERROR-level errors.
error_reporting(E_ERROR);
require_once ('config.php');
require_once('Class.MySQL.Lite.php');

/**
 * Login and airtime-report helper built on the MySQL_Lite_ABS wrapper.
 *
 * NOTE(review): every query in this class is assembled by string
 * concatenation, and CheckInjection() returns its input unchanged (its
 * escaping call is commented out). Caller-supplied values therefore reach
 * the SQL text as-is. The API of MySQL_Lite_ABS is not shown here; if it
 * offers bound parameters, use them, otherwise validate each value against
 * its expected format (integer id, YYYY-MM period) before it is used.
 */
class EvoAirtime {
    // Database wrapper instance created in the constructor.
    private $db;

    /**
     * Constructor written in the old style (method named after the class);
     * PHP 8 no longer treats such a method as a constructor.
     * Creates the DB wrapper from the global $site['db'] settings.
     */
    public function EvoAirtime() {
        global $site;
        //initialize DB logic
        $this->db = new MySQL_Lite_ABS($site['db']);
    }

    /**
     * Looks up a user by username and MD5 password hash and, when the lookup
     * yields a result, copies the row's permission flags into
     * $_SESSION['auth'].
     *
     * @param string $username login name as supplied by the caller
     * @param string $password clear-text password as supplied by the caller
     * @return bool true when a row was returned and the session was filled,
     *              false otherwise
     *
     * NOTE(review): $username is concatenated into the query after passing
     * through CheckInjection(), which is a no-op, so this statement is open
     * to SQL injection.
     * NOTE(review): passwords are compared as unsalted MD5; password_hash()
     * and password_verify() are the standard replacement.
     * NOTE(review): the session id is not regenerated after a successful
     * login; calling session_regenerate_id(true) after session_start()
     * addresses session fixation.
     */
    public function Login($username, $password) {
        $cmd = "select airtime_user_id, passwd_change_flag, mod_download_cdr, mod_download_sim_summary, mod_user_add, mod_user_permissions, mod_custom_reports, logo_file, mod_interactive_report, is_admin, mod_admin_tools FROM airtime_users where username = '" . $this->CheckInjection($username) . "' and passwd = '" . md5($password) . "'";
        // A falsy result is treated as a failed login. Whether an empty
        // result set is falsy depends on RetrieveCommandExec - TODO confirm.
        if(!$result = $this->db->RetrieveCommandExec($cmd)) {
            // NOTE(review): this prints the database error text to the
            // client; logging it server-side avoids disclosing query details.
            echo($this->db->GetError());
            return false;
        } else {
            session_start();
            // Cache the identity and the per-module permission flags of the
            // first returned row for later page-level checks.
            $_SESSION['auth']['user'] = $this->CheckInjection($username);
            $_SESSION['auth']['user-id'] = $result[0]['airtime_user_id'];
            $_SESSION['auth']['passwd-change'] = $result[0]['passwd_change_flag'];
            $_SESSION['auth']['mod-download-cdr'] = $result[0]['mod_download_cdr'];
            $_SESSION['auth']['mod-download-sim-summary'] = $result[0]['mod_download_sim_summary'];
            $_SESSION['auth']['mod-user-add'] = $result[0]['mod_user_add'];
            $_SESSION['auth']['mod-user-permissions'] = $result[0]['mod_user_permissions'];
            $_SESSION['auth']['mod-custom-reports'] = $result[0]['mod_custom_reports'];
            $_SESSION['auth']['mod-interactive-reports'] = $result[0]['mod_interactive_report'];
            $_SESSION['auth']['is-admin'] = $result[0]['is_admin'];
            $_SESSION['auth']['mod-support-tools'] = $result[0]['mod_admin_tools'];
            $_SESSION['auth']['logo-file'] = $result[0]['logo_file'];
            return true;
        }
        // Unreachable: both branches above return.
        return false;
    }

    //Function added by chris to check mod_user_permission
    /**
     * Runs a SELECT on airtime_users filtered by mod_user_permissions and
     * returns whatever RetrieveCommandExec returns.
     *
     * NOTE(review): this calls Login() with a single argument although Login
     * declares two, and appends Login's boolean return value to the SQL
     * text. It does not look at the current user. The flag for the logged-in
     * user is already stored by Login() in
     * $_SESSION['auth']['mod-user-permissions'].
     */
    public function CheckPermission() {
        $cmd = "SELECT airtime_users.mod_user_permissions FROM airtime_users where airtime_users.mod_user_permissions = " .$this->Login('mod_user_permissions');
        return $this->db->RetrieveCommandExec($cmd);
    }

    /**
     * Builds the per-SIM usage summary for one user and billing period (or a
     * start/end period range) and returns it through BuildResultGrid().
     *
     * @param mixed  $user      value compared with airtime_user_sims.airtime_user_id
     * @param string $period    billing period; compared with the first 7
     *                          characters of call_date
     * @param string $endPeriod optional end period; when non-empty a date
     *                          range is used instead
     * @return string result grid, or a help message when the query result is falsy
     *
     * NOTE(review): $user is interpolated unquoted and the periods inside
     * quotes, all after the no-op CheckInjection(). Casting $user to int and
     * checking the periods against a YYYY-MM pattern would constrain them.
     * NOTE(review): confirm that callers pass the session's user-id rather
     * than a request value, otherwise one user can read another's report.
     */
    public function LoadStandardAirtimeReport($user, $period, $endPeriod="") {
        $billing_period = $this->CheckInjection($period);
        $billing_period_end = $this->CheckInjection($endPeriod);
        $user = $this->CheckInjection($user);
        $cmd = "SELECT rated_eventsdata.imsi AS 'IMSI' , rated_eventsdata.msisdn as 'MSISDN' , rated_eventsdata.call_type AS 'Call Type' , ROUND(CASE rated_eventsdata.label WHEN 'bytes' THEN SUM(rated_eventsdata.units)/1000000 ELSE SUM(rated_eventsdata.units)/60 END, 2) AS 'Total Units' , CASE rated_eventsdata.label WHEN 'bytes' THEN 'MB' ELSE 'Minutes' END AS 'Unit Type' FROM evobilling.airtime_user_sims INNER JOIN evobilling.packages ON (airtime_user_sims.package_id = packages.package_id) INNER JOIN evobilling.rated_eventsdata ON (packages.imsi = rated_eventsdata.imsi)";
        /* Append the where clause based on the date values provided */
        if($endPeriod != "") {
            /* The start and end dates for this is a Hack - need to calculate acurate start and end dates based on billing periods using date functions. */
            // Range runs from day 01 of the start period to a literal day 31
            // of the end period, whatever the month length.
            $dtStart = $billing_period . "-01";
            $dtEnd = $billing_period_end . "-31";
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND call_date between '$dtStart' and '$dtEnd'";
        } else {
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND SUBSTRING(call_date FROM 1 FOR 7) = '$billing_period'";
        }
        $cmd = $cmd . " GROUP BY rated_eventsdata.imsi,rated_eventsdata.msisdn, packages.note, rated_eventsdata.call_type";
        /* Retrieve the results now */
        if(!$result = $this->db->RetrieveCommandExec($cmd)) {
            return "Unable to locate any data for the Billing period selected. If you believe in error, please contact technical support and provide the following information
  • Your username (Email address)
  • Billing period you are trying to view results for
";
        } else {
            return $this->BuildResultGrid($result);
        }
    }

    /**
     * Same summary query as LoadStandardAirtimeReport(), returned as CSV text
     * through BuildCSV(); returns "" when the query result is falsy.
     *
     * NOTE(review): $user is placed into the WHERE clause without even the
     * CheckInjection() call; cast it to int or bind it.
     */
    public function ExportStandardAirtimeSimSummary($user, $period, $endPeriod="") {
        /* Return the Query result as .csv download */
        $billing_period = $this->CheckInjection($period);
        $billing_period_end = $this->CheckInjection($endPeriod);
        $cmd = "SELECT rated_eventsdata.imsi AS 'IMSI' , rated_eventsdata.msisdn as 'MSISDN' , rated_eventsdata.call_type AS 'Call Type' , ROUND(CASE rated_eventsdata.label WHEN 'bytes' THEN SUM(rated_eventsdata.units)/1000000 ELSE SUM(rated_eventsdata.units)/60 END, 2) AS 'Total Units' , CASE rated_eventsdata.label WHEN 'bytes' THEN 'MB' ELSE 'Minutes' END AS 'Unit Type' FROM evobilling.airtime_user_sims INNER JOIN evobilling.packages ON (airtime_user_sims.package_id = packages.package_id) INNER JOIN evobilling.rated_eventsdata ON (packages.imsi = rated_eventsdata.imsi)";
        if($endPeriod != "") {
            /* The start and end dates for this is a Hack - need to calculate acurate start and end dates based on billing periods using date functions. */
            $dtStart = $billing_period . "-01";
            $dtEnd = $billing_period_end . "-31";
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND call_date between '$dtStart' and '$dtEnd'";
        } else {
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND SUBSTRING(call_date FROM 1 FOR 7) = '$billing_period'";
        }
        $cmd = $cmd . " GROUP BY rated_eventsdata.imsi, rated_eventsdata.msisdn, rated_eventsdata.call_type";
        if(!$result = $this->db->RetrieveCommandExec($cmd)) {
            return "";
        } else {
            return $this->BuildCSV($result);
        }
    }

    /**
     * Returns the individual call records (no GROUP BY) for a user and
     * billing period or period range as CSV text; "" when the query result
     * is falsy.
     *
     * NOTE(review): as in ExportStandardAirtimeSimSummary(), $user goes into
     * the query unvalidated and the periods pass only through the no-op
     * CheckInjection().
     */
    public function ExportStandardAirtimeCDR($user, $period, $endPeriod="") {
        /* Return the Query result as .csv download */
        $billing_period = $this->CheckInjection($period);
        $billing_period_end = $this->CheckInjection($endPeriod);
        $cmd = "SELECT rated_eventsdata.id AS 'id' , rated_eventsdata.imsi AS 'IMSI' , rated_eventsdata.msisdn as 'MSISDN' , rated_eventsdata.call_type AS 'Call Type' , rated_eventsdata.destination as 'Destination' , rated_eventsdata.call_date as 'Call Date' , rated_eventsdata.call_time as 'Call Time' , rated_eventsdata.country_code as 'Country' , ROUND(CASE rated_eventsdata.label WHEN 'bytes' THEN rated_eventsdata.units/1000000 ELSE rated_eventsdata.units/60 END, 2) AS 'Total Units' , CASE rated_eventsdata.label WHEN 'bytes' THEN 'MB' ELSE 'Minutes' END AS 'Unit Type' FROM evobilling.airtime_user_sims INNER JOIN evobilling.packages ON (airtime_user_sims.package_id = packages.package_id) INNER JOIN evobilling.rated_eventsdata ON (packages.imsi = rated_eventsdata.imsi)";
        if($endPeriod != "") {
            /* The start and end dates for this is a Hack - need to calculate acurate start and end dates based on billing periods using date functions. */
            $dtStart = $billing_period . "-01";
            $dtEnd = $billing_period_end . "-31";
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND call_date between '$dtStart' and '$dtEnd'";
        } else {
            $cmd = $cmd . " WHERE airtime_user_sims.airtime_user_id = $user AND rated_eventsdata.event_id < 1999 AND SUBSTRING(call_date FROM 1 FOR 7) = '$billing_period'";
        }
        if(!$result = $this->db->RetrieveCommandExec($cmd)) {
            return "";
        } else {
            return $this->BuildCSV($result);
        }
    }

    // NOTE(review): the HTML inside the string literals of the grid helpers
    // appears to have been rendered by the page this listing was copied
    // from. The tags are missing, and the remaining statements of
    // GetHeaderFromArray and of the helpers that followed it (GetBodyFromArray,
    // GetCSVHeader, GetCSVContent, KeyName, BuildResultGrid) are not present
    // at this position. The fragment below is kept exactly as found and is
    // not runnable as shown.
    private function GetHeaderFromArray($arr, $className) {
        $ret = "
" . $this->KeyName($arr, $i) . "
" . $fld . " 
" . $output . "
";
    }

    /**
     * Builds CSV text: a header from the first result row followed by the
     * content of all rows, both with "," as separator.
     */
    private function BuildCSV($result) {
        $output = $this->GetCSVHeader($result[0],",");
        $output = $output . $this->GetCSVContent($result, ",");
        return $output;
    }

    /**
     * Returns $input unchanged.
     *
     * NOTE(review): the escaping call is commented out, so every caller that
     * relies on this method for SQL safety gets none. Re-enabling the
     * commented line is not an option on current PHP, because
     * mysql_real_escape_string() was removed in PHP 7.0. Bound parameters,
     * or strict validation of each value, are the fix.
     */
    private function CheckInjection($input) {
        //return mysql_real_escape_string($input);
        return $input;
    }

    /**
     * Returns the report-selection markup listing the custom reports linked
     * to $userID, or "" when the query result is falsy.
     *
     * NOTE(review): $userID is interpolated unquoted into the WHERE clause
     * with its escaping commented out; cast it to int or bind it.
     * NOTE(review): report_name is concatenated into the output as stored.
     * The surrounding markup is missing from this listing; if it is HTML,
     * pass the name through htmlspecialchars() first.
     */
    public function getCustomReportList($userID) {
        //$userID = mysql_real_escape_string($userID);
        $cmd = "SELECT airtime_reports.report_id, airtime_reports.report_name FROM evobilling.airtime_user_reports INNER JOIN evobilling.airtime_reports ON (airtime_user_reports.report_id = airtime_reports.report_id) WHERE (airtime_user_reports.user_id = $userID)";
        if(!$result = $this->db->RetrieveCommandExec($cmd)) {
            return "";
        } else {
            // Build the report selection dropdown
            $out = "";
            $out = $out . "Select report: ";
            $out = $out . "-- select --";
            foreach($result as $res) {
                $out = $out . "" . $res["report_name"] . "";
            }
            $out = $out . " show";
        }
        return $out;
    }

    /**
     * Runs the command produced by getCustomReportCommand() and returns the
     * result grid, or a "no data" message when the query result is falsy.
     *
     * NOTE(review): getCustomReportCommand() is not shown in this listing;
     * $postData, $userID and $reportID are handed to it unvalidated, so how
     * it builds the SQL needs the same review as the queries in this class.
     */
    public function execCustomReport($postData, $userID, $reportID) {
        //$userID = ng($userID);
        //$reportID = mysql_real_escape_string($reportID);
        if(!$result = $this->db->RetrieveCommandExec($this->getCustomReportCommand($postData, $userID, $reportID))) {
            return "No data returned for the provided criteria";
        } else {
            return $this->BuildResultGrid($result);
        }
    }

    /**
     * CSV variant of execCustomReport(): same command, result returned
     * through BuildCSV(). On a falsy result the "no data" message itself is
     * returned in place of CSV text.
     */
    public function execCustomReportCSV($postData, $userID, $reportID) {
        if(!$result = $this->db->RetrieveCommandExec($this->getCustomReportCommand($postData, $userID, $reportID))) {
            return "No data returned for the provided criteria";
        } else {
            return $this->BuildCSV($result);
        }
    }
} [/php]

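Use your database connection to fetch the user's row, then branch on the permission value. Hiding the fields only changes what the form shows, so the code that saves the user should check mod_user_permissions again on the server before it accepts the permission fields.
and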
[php]

$userp = $row[‘mod_user_permissions’];

if ($userp ==1){
$output = “<form name=“main” method=“post”>”;//Output is set as a POST function
$output = $output . “

”;//Create a table and display each texbox and value
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “
User Id ” . $user->get_airtime_user_id () . “
CDR Download permission
SIM Summary download permission
Allow user management
Allow permission management
Allow access to custom reports
Allow access to interactive reports
Username
Password
Parent User
<a href=“javascript:saveUser(” . $user->get_airtime_user_id () . “);”>Save User”;
          if(!$user->isNewUser())//If not new user, only for edit
            {
              $output = $output . " :: <a href=\"javascript:setSimPermissions(" . $user->get_airtime_user_id () . ");\">Modify SIM permissions</a>";
              $output = $output . " :: <a href=\"javascript:setReportPermissions(" . $user->get_airtime_user_id () . ");\">Modify Report permissions</a>";
            }
    
          $output = $output . "</td></tr>";
          $output = $output . "</table></form>";
    
      
      return $output;

}

[/php]

and
[php]

if ($userp ==0){
$output = “<form name=“main” method=“post”>”;//Output is set as a POST function
$output = $output . “

”;//Create a table and display each texbox and value
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “”;
$output = $output . “
User Id ” . $user->get_airtime_user_id () . “
CDR Download permission
SIM Summary download permission
Username
Password
<a href=“javascript:saveUser(” . $user->get_airtime_user_id () . “);”>Save User”;
$output = $output . “
”;
}
[/php]

Try that and let me know how it goes.
