This sounds like you are on the rite track, if the user is logged in the session variable that holds the userID should be available to you. So you just reference it for the userID column value when inserting or updating your listing table. I think you are doing this part ok.
As for the where clause you will need to update the recordsets to ensure that they only let you update or delete entries that match for that currently logged in user. To modify these recordsets you will need to edit them from the server behaviors. In the simple view you would need to update the filter section and filter based on the userID column equal to 'session value' then enter the name of your session variable that holds the userID.
If the recordset it too complex then you may need to make this update manually in the sql that is on the page.