Using session variable as search parameter for a table

Question

I have been using SESSION Variables to enter data with loginName as way to retrieve only records that contain that Users loginName. How do I create a form that can search using this parameter and bring up all the records that the user created.

This is what I use to input the SESSION variable into the record.

<input type="hidden" name="loginName" id="loginName" value= "<?php echo $_SESSION['MM_loginName']; ?>" />

Here is the form that I was trying to use:

<form action="memberresults.php" method="post" name="form5" target="_self" id="form5">
   <input type="hidden" name="loginName" id="loginName" value= "<?php echo $_SESSION['MM_loginName']; ?>" />
    <input type="submit" name="form5" id="form5" value="Submit" />
 </form>

Any Ideas?

Michael

Answer 1

Presumably you have control over the page memberresults.php? Then you don't need to post any hidden fields, since the session variable will be available right on that page.

$query = 'SELECT * FROM table WHERE user_id = ' . $_SESSION['MM_loginName'];

Of course with the usual validation and SQL injection prevention and so on...