-2

how do i select a single user transaction log from the database, it should fetch only the logged in transaction log i tried with this line of code but it is fetching all the user transaction instead of the current logged in user. what can i do please

<?php

                $sql = "SELECT * FROM admin_dept_table";
                $query_run = mysqli_query($conn, $sql);

            ?>

            <table class="display table"  id="example">
                                <thead>
                                    <tr class="info">
                
                  <th>Amount(USD)</th>
                                        <th>Status</th>
                                        <th>Tnx ID</th>
                                        <th>Date</th>
                                    </tr>
                                </thead>

          
    

                            
                                <tbody>

                <?php
    
            if(mysqli_num_rows($query_run) > 0)
            {

                while($row = mysqli_fetch_assoc($query_run)){


                    ?>
            
           <tr>
                    
                   
                    <td> <?php echo $row['amount']; ?></td>
                    <td> <?php echo $row['status']; ?></td>
                    <td> <?php echo $row['transactionid']; ?></td>
                    
                    <td> <?php echo $row['date']; ?></td>
                    
                  </tr>
                  <?php
                }
            }else{
                echo "no record found";
            }

      ?>
    
                                </tbody>
</table>
Ayomi Bami
  • 1
  • 1
    Add a WHERE clause to the query. Use the current user ID as a parameter in that clause. You can probably get the ID from the Session – ADyson Dec 05 '22 at 18:57
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. – Community Dec 06 '22 at 12:16

1 Answers1

-3

Think you can add condition to the SQL query that filtersby the user's ID or username. Example >>> SELECT * FROM table WHERE user_id = '$user_id'

Alex Lew
  • 1
  • 3
    **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman Dec 05 '22 at 19:28