I created a websites and i encountered problem in adding events in my calendar. For better understanding on the flow of my website this is the step by step flow: First i have a database and it has two tables one for tbllogin and one for the calendar. In my tbllogin it consist of 3 fields the Username, Department, and Permission. I add permission for the condition who can add event. And the calendar table is for the data was enter by the user when they add event. My Calendar event all user can add event, but now i want that only one user can add event and the rest when they try to add event the message "You cannot add new event " will appear. And the add event link will appear only to the user that the permission is true. LOGIN CODE: PHP: <?php session_start(); session_regenerate_id(); if($_SESSION['loggedin']){ //the user is already logged in, lets redirect them to the other page header("Location:company.php"); } //require_once 'conn.php'; $db_name="dspi"; mysql_connect("localhost", "root", "") or die("Cannot connect to server"); mysql_select_db("$db_name")or die("Cannot select DB"); $department = mysql_real_escape_string($_POST['department']); $username = mysql_real_escape_string($_POST['username']); $sql=mysql_query("SELECT `Department`, `Username` FROM `tbllogin` WHERE `Department` = '{$department}' AND Username = '{$username}'") or die(mysql_error()); $ct = mysql_num_rows($sql); if($ct == 1) { // im guessing this means that the user is valid. $_SESSION['loggedin'] = true; // now that the user is valid we change the session value. $row = mysql_fetch_assoc($sql); $_SESSION['username'] = $row['Username'] ; $_SESSION['department'] = $row['Department']; $Departments=array('Accounting', 'Engineering', 'Finishing_Goods', 'HRAD', 'MIS', 'Packaging_and_Design', 'Production', 'Purchasing_Logistic', 'QA_and_Technical', 'Supply_Chain'); if (in_array($row['Department'], $Departments)){ header ('Location:company.php'); }else{ echo "Incorrect Username or Department"; header ('Location:index.php'); } }?> CALENDAR CODE: PHP: <?phpsession_start();$host = "localhost"; $username = ""; $password = ""; $dbCnx = @mysql_connect($host, $username, $password) or die('Could not Connect to the database'); $dbName = 'dspi'; mysql_select_db($dbName); ?><html><body><script>function goLastMonth(month, year){// If the month is January, decrement the yearif(month == 1){--year;month = 13;}document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;}//next functionfunction goNextMonth(month, year){// If the month is December, increment the yearif(month == 12){++year;month = 0;}document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;} function remChars(txtControl, txtCount, intMaxLength){if(txtControl.value.length > intMaxLength)txtControl.value = txtControl.value.substring(0, (intMaxLength-1));elsetxtCount.value = intMaxLength - txtControl.value.length;}function checkFilled() {var filled = 0var x = document.form1.calName.value;//x = x.replace(/^\s+/,""); // strip leading spacesif (x.length > 0) {filled ++}var y = document.form1.calDesc.value;//y = y.replace(/^s+/,""); // strip leading spacesif (y.length > 0) {filled ++}if (filled == 2) {document.getElementById("Submit").disabled = false;}else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased}</script> <?php//$todaysDate = date("n/j/Y");//echo $todaysDate;// Get values from query string$day = (isset($_GET["day"])) ? $_GET['day'] : "";$month = (isset($_GET["month"])) ? $_GET['month'] : "";$year = (isset($_GET["year"])) ? $_GET['year'] : "";//comparaters for today's date//$todaysDate = date("n/j/Y");//$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";//$what = (isset($_GET["what"])) ? $_GET['what'] : "";//$day = (!isset($day)) ? $day = date("j") : $day = "";if(empty($day)){ $day = date("j"); }if(empty($month)){ $month = date("n"); }if(empty($year)){ $year = date("Y"); } //set up vars for calendar etc$currentTimeStamp = strtotime("$year-$month-$day");$monthName = date("F", $currentTimeStamp);$numDays = date("t", $currentTimeStamp);$counter = 0;//$numEventsThisMonth = 0;//$hasEvent = false;//$todaysEvents = ""; //run a selec statement to hi-light the daysfunction hiLightEvt($eMonth,$eDay,$eYear){//$tDayName = date("l");$todaysDate = date("n/j/Y");$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;if($todaysDate == $dateToCompare){//$aClass = '<span>' . $tDayName . '</span>';$aClass='class="today"';}else{//$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;//echo $todaysDate;//return;$sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'";//echo $sql;//return;$result = mysql_query($sql);while($row= mysql_fetch_array($result)){if($row['eCount'] >=1){$aClass = 'class="event"';}elseif($row['eCount'] ==0){$aClass ='class="normal"';}}}return $aClass;}?><div id="Calendar_Event"><table width="350" cellpadding="0" cellspacing="0"><tr><td width="50" colspan="1"><input type="button" value=" < " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);"></td><td width="250" colspan="5"><span class="title" style="color:#FFFFFF"><?php echo $monthName . " " . $year; ?></span><br></td><td width="50" colspan="1" align="right"><input type="button" value=" > " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);"></td></tr> <tr><th>M</td><th>T</td><th>W</td><th>T</td><th>F</td><th>S</td><th>S</td></tr><tr><?phpfor($i = 1; $i < $numDays+1; $i++, $counter++){$dateToCompare = $month . '/' . $i . '/' . $year;$timeStamp = strtotime("$year-$month-$i");//echo $timeStamp . '<br/>';if($i == 1){// Workout when the first day of the month is$firstDay = date("N", $timeStamp);for($j = 1; $j < $firstDay; $j++, $counter++){echo "<td> </td>";} }if($counter % 7 == 0 ){?></tr><tr><?php}?><!--right here--><td width="50" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a></td> <?php}?></table></div><div id="New_Event"><?phpif(isset($_GET['v'])){if(isset($_POST['Submit'])){$sql="insert into calTbl(calName,calDesc,calDate,calStamp) values('" . $_POST['calName'] ."','" . $_POST['calDesc'] . "','" . $_POST['calDate'] . "',now())";mysql_query($sql);}$sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'";//echo $sql;//return;$result = mysql_query($sql);$numRows = mysql_num_rows($result);$check1=mysql_query("SELECT * FROM tbllogin WHERE Username='maan.manalo@dunlop.ph' AND Department='HRAD' AND Permission='True'");$check2 = mysql_fetch_array($check1);if($check2['Username']=='maan.manalo@dunlop.ph' && $check2['Department']=='HRAD' && $check2['Permission']=='True'){$_SESSION['isallowed'] = $check2['Permission']; ?><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">Add Even</a><a href="<?=$_SERVER['PHP_SELF'];?>?month=<?=$_GET['month'] . '&day=' . $_GET['day'] . '&year=' . $_GET['year'];?>&v=1&f=true">t</a><?php}else{echo 'You cannot Add New Event';}?></div><div id="Cal_Event"><?phpif(isset($_GET['f'])){include 'calform.php';}if($numRows == 0 ){echo '';}else{//echo '<ul>';echo '<h3>Event Listed</h3>';while($row = mysql_fetch_array($result)){?><h5><?=$row['calName'];?></h5><?=$row['calDesc'];?><br/>Listed On: <?=$row['calStamp'];?><?php}}}?></div></body></html> in this calendar code in all user the add event link was appear.