I have a database which all information regarding the jobs my company does is kept. At the end of each day all field supervisors are required to enter data such as number of parts inspected and all time from employees on their particular job. After they enter this data they are required to review what the have entered for accuracy. This page is called reviewdata.php and after they enter the date I have the page display just the data they entered by looking at the user variable passed from their login. If I skip this check of user I can get it to display all data entered by anyone on that date.

What I would like is to check if it is 2 particular users and if it is, display all data for the day. If not then I want it to only display the "users" data..

I'm not quite sure how to do this. Use "case", "if" ??????

Thanks in advance for any help..

below is the code:

require_once('../../Connections/pccweb.php');
// Buzz inet PHPLS03 - Check User Session is set
session_save_path("/home/users/web/b594/ipw.pccsort/phpsessions");
session_start();
if(!isset($HTTP_SESSION_VARS['adminsession'])){
header("Location: /admin/index.php");
}
// Buzz inet PHPLS04 - Check User Level
session_save_path("/home/users/web/b594/ipw.pccsort/phpsessions");
session_start();
if(!isset($HTTP_SESSION_VARS['adminlevel'])){
header("Location: noaccess.php");
} else {
if($HTTP_SESSION_VARS['adminlevel'] < 3){
header("Location: noaccess.php");
}
}

/// Im going to try to get an autopost of user to reviewdata table here
$today = date('Ymd');
$rd = $HTTP_GET_VARS['date'];
$user = $HTTP_SESSION_VARS['adminsession'];


mysql_select_db($database_pccweb, $pccweb);
$insertSQL = sprintf("INSERT INTO reviewdata(user, date) VALUES ('$user', '$date')");
mysql_select_db($database_pccweb, $pccweb);
$Result1 = mysql_query($insertSQL, $pccweb) or die(mysql_error());

/// finished with posting to reviewdata table

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
if ((isset($HTTP_POST_VARS['timeId'])) && ($HTTP_POST_VARS['timeId'] != "")) {
$deleteSQL = sprintf("DELETE FROM time WHERE timeId=%s",
GetSQLValueString($HTTP_POST_VARS['timeId'], "int"));

require_once('../../Connections/pccweb.php');

mysql_select_db($database_pccweb, $pccweb);
$Result1 = mysql_query($deleteSQL, $pccweb) or die(mysql_error());
$deleteGoTo = "../admin/prereviewdata.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
if ((isset($HTTP_POST_VARS['sortId'])) && ($HTTP_POST_VARS['sortId'] != "")) {
$deleteSQL = sprintf("DELETE FROM sorting WHERE sortId=%s",
GetSQLValueString($HTTP_POST_VARS['sortId'], "int"));

require_once('../../Connections/pccweb.php');
mysql_select_db($database_pccweb, $pccweb);
$Result1 = mysql_query($deleteSQL, $pccweb) or die(mysql_error());
$deleteGoTo = "../admin/prereviewdata.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}


require_once('../../Connections/pccweb.php');
$colname_Recordset2 = "1";
if (isset($HTTP_GET_VARS['date'])) {
$colname_Recordset2 = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['date'] : addslashes($HTTP_GET_VARS['date']);
}
mysql_select_db($database_pccweb, $pccweb);
$query_Recordset2 = sprintf("SELECT *, SUM(time.hours) FROM time WHERE date = '%s' and enteredBy = '$user' GROUP BY empLast, empFirst, job", $colname_Recordset2);
$Recordset2 = mysql_query($query_Recordset2, $pccweb) or die(mysql_error());



Any help is appreciated..