Show only users from the same company

I want to ask how it's possible that, when a user with Type=Chef logs into the website, the Dashboard only shows the users from his company foreign key (fk_FirmaID). I don't know how to process it to only show a specific company.

Here is the code that I have for the moment. When a user logs in, I save his user details in $_SESSION. I updated the code because I sent the wrong one. Here is my database structure.

<?php
session_start();
require('config.php');
include('functions.php');
$sessionType = (!empty($_SESSION['type']))?$_SESSION['type']:null;
$sessionUsername = (!empty($_SESSION['username']))?$_SESSION['username']:null;
$sessionfkfirma = (!empty($_SESSION['fk_FirmaID']))?$_SESSION['fk_FirmaID']:null;
$msg = null;
$stmt = mysqli_query($link, "SELECT * FROM benutzer");



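if(isset($_POST['modifySubmit'])) {
  $newname = $_POST['newname'];
  $userid = (int) $_POST['userid'];
  // Bind the input as parameters instead of concatenating it into the SQL.
  // A separate variable keeps the SELECT result in $stmt intact for the table below.
  $update = mysqli_prepare($link, "UPDATE benutzer SET username = ? WHERE id = ?");
  if($update && mysqli_stmt_bind_param($update, 'si', $newname, $userid) && mysqli_stmt_execute($update)){
    $msg = alert_success("Good Job, Buddy! The record has been updated successfully.");
  }else{
    $msg = alert_error();
  }
}

if(!empty($_GET['delete'])) {
  $id = (int) $_GET['delete'];
  // Same pattern for the delete: bound parameter, separate statement variable.
  $delete = mysqli_prepare($link, "DELETE FROM benutzer WHERE id = ?");
  if($delete && mysqli_stmt_bind_param($delete, 'i', $id) && mysqli_stmt_execute($delete)) {
    $msg = alert_success("Good Job, Buddy! The record has been deleted successfully.");
  }else{
    $msg = alert_error();
  }
}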


?>
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8">
    <title>Panel</title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
    <link rel="stylesheet" type="text/css" href="css/main.css">
  </head>
  <body>
    <div class="page-head">
      <center>
      <img src="logo.png" alt="logo" width="170px" height="170px">
    </center><br><br>
      <h1>Admin Panel</h1>
    </div>
    <div class="left">
      <center>
        <a href="welcome.php" class="btn btn-default">Go Back</a>
        <a href="adduser.php" class="btn btn-info">Create user</a>
      </center>
    </div>
    <br>
    <?php echo $msg; if(!empty($_GET['modify'])){ ?>
      <div class="modify-user text-center">
        <div class="row">
          <h4 class="text-center">Modify user</h4>
        </div>
        <table>
          <tr>
            <td>
                    <div class="form-group">
                        <form method="post" action="" onSubmit="return confirm('Are you sure you want to update this user?')">
                          <input type="hidden" name="userid" value="<?php echo htmlspecialchars($_GET['modify'], ENT_QUOTES, 'UTF-8'); ?>">
                          <input type="text" name="newname" placeholder="Name / Vorname" class="text-center" value="<?php if(isset($_POST['modifySubmit'])){ echo htmlspecialchars($_POST['newname'], ENT_QUOTES, 'UTF-8'); } ?>"><br><br>
                  <input type="submit" value="Save" class="btn btn-primary" name="modifySubmit">
                        </form>
                    </div>
                    </td>
                </tr>
            </table>
      </div>
    <?php } ?>
    <div class="table-responsive">
      <table class="table">
        <tr>
          <th>ID</th>
          <th>Name / Vorname</th>
          <th>Email</th>
          <th>Type</th>
          <th>Firma</th>
          <?php // No fetch here: fetching a row in the header would drop the first user from the list.
          if(($sessionType == 'Admin') or ($sessionType == 'Chef')){ ?>
          <th>Modify</th>
          <th>Delete</th>
          <?php } ?>
        </tr>
        <?php while($row = mysqli_fetch_array($stmt)){ ?>
          <tr>
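            <td><?php echo htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8'); ?></td>
            <td><?php echo htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8'); ?></td>
            <td><?php echo htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8'); ?></td>
            <td><?php echo htmlspecialchars($row['type'], ENT_QUOTES, 'UTF-8'); ?></td>
            <td><?php echo htmlspecialchars($row['fk_FirmaID'], ENT_QUOTES, 'UTF-8'); ?></td>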
            <?php if(($sessionType == 'Admin') or ($sessionType == 'Chef') and ($sessionType == 'Mitarbeiter' or $sessionUsername != $row['username'])){ ?>
            <td><a href="panel.php?modify=<?php echo $row['id']; ?>">Modify</a></td>
            <?php } ?>
            <?php if(($sessionType == 'Admin') or ($sessionType == 'Chef')  and ($sessionType == 'Mitarbeiter' or $sessionUsername != $row['username'])){ ?>
              <td><a href="panel.php?delete=<?php echo $row['id']; ?>"  onclick="return confirm('Are you sure you want to delete this user?')">Delete</a></td>
            <?php } ?>
          </tr>
        <?php } ?>
      </table>
    </div>
  </body>
</html>


  

Answer

I think this is what you are trying to achieve!

$stmt = mysqli_query($link, "SELECT * FROM benutzer INNER JOIN firma ON benutzer.fk_FirmaID = firma.FirmaID");

You need to use JOIN to connect both tables. Here, INNER JOIN returns only the data for which the records match in both fields. It eliminates the rest of the result.
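
The company restriction the question asks about can also be enforced in the query itself. This is an added example, not part of the original question or answer: it filters on the `fk_FirmaID` stored in the session and applies the same scope to deletes. The function names are hypothetical, and `$link` is assumed to be the mysqli connection from config.php.

```php
<?php
// Added example, not the original poster's code. Table and column names
// (benutzer, fk_FirmaID, type) come from the question; the function names
// are hypothetical. $link is assumed to be the mysqli connection from config.php.

/** Rows the logged-in user may see: Admin sees all, Chef only the own company. */
function visibleUsers(mysqli $link, ?string $type, ?int $firmaId): array
{
    if ($type === 'Admin') {
        $stmt = $link->prepare('SELECT id, username, email, type, fk_FirmaID FROM benutzer');
    } elseif ($type === 'Chef' && $firmaId !== null) {
        // The company filter comes from the server-side session, never from the request.
        $stmt = $link->prepare(
            'SELECT id, username, email, type, fk_FirmaID
               FROM benutzer WHERE fk_FirmaID = ?'
        );
        $stmt->bind_param('i', $firmaId);
    } else {
        return []; // any other role gets no rows
    }
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

/** Delete a user only if the caller's role and company allow it. */
function deleteUserScoped(mysqli $link, ?string $type, ?int $firmaId, int $targetId): bool
{
    if ($type === 'Admin') {
        $stmt = $link->prepare('DELETE FROM benutzer WHERE id = ?');
        $stmt->bind_param('i', $targetId);
    } elseif ($type === 'Chef' && $firmaId !== null) {
        // Same scope in the WHERE clause: an id from another company matches 0 rows.
        $stmt = $link->prepare('DELETE FROM benutzer WHERE id = ? AND fk_FirmaID = ?');
        $stmt->bind_param('ii', $targetId, $firmaId);
    } else {
        return false;
    }
    $stmt->execute();
    return $stmt->affected_rows === 1;
}
```

Both functions take the role and company from the session values the question already reads (`$sessionType`, `$sessionfkfirma`), so hiding the Modify and Delete links in the HTML is no longer the only thing standing between a Chef and another company's users.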
