0

i'm calling name from database using $_SESSION['name']; after using this i'm getting this Notice: Undefined index: name in C:\Users\..\logged_in.php on line 2 can you tell me what's goin on? please help please...

logged-in.php

Hey, <?php echo $_SESSION['name']; ?>. You are logged in.
Try to close this browser tab and open it again. Still logged in! ;)

<a href="index.php?logout">Logout</a>

login.php

<?php

/**
 * Class login
 * handles the user's login and logout process
 */
class Login
{
    /**
     * @var object The database connection
     */
    private $db_connection = null;
    /**
     * @var array Collection of error messages
     */
    public $errors = array();
    /**
     * @var array Collection of success / neutral messages
     */
    public $messages = array();

    /**
     * the function "__construct()" automatically starts whenever an object of this class is created,
     * you know, when you do "$login = new Login();"
     */
    public function __construct()
    {
        // create/read session, absolutely necessary
        session_start();

        // check the possible login actions:
        // if user tried to log out (happen when user clicks logout button)
        if (isset($_GET["logout"])) {
            $this->doLogout();
        }
        // login via post data (if user just submitted a login form)
        elseif (isset($_POST["login"])) {
            $this->dologinWithPostData();
        }
    }

    /**
     * log in with post data
     */
    private function dologinWithPostData()
    {
        // check login form contents
        if (empty($_POST['user_name'])) {
            $this->errors[] = "Username field was empty.";
        } elseif (empty($_POST['user_password'])) {
            $this->errors[] = "Password field was empty.";
        } elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {

            // create a database connection, using the constants from config/db.php (which we loaded in index.php)
            $this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);

            // change character set to utf8 and check it
            if (!$this->db_connection->set_charset("utf8")) {
                $this->errors[] = $this->db_connection->error;
            }

            // if no connection errors (= working database connection)
            if (!$this->db_connection->connect_errno) {

                // escape the POST stuff
                $user_name = $this->db_connection->real_escape_string($_POST['user_name']);

                // database query, getting all the info of the selected user (allows login via email address in the
                // username field)
                $sql = "SELECT user_name, user_email, user_password_hash
                        FROM users
                        WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
                $result_of_login_check = $this->db_connection->query($sql);

                // if this user exists
                if ($result_of_login_check->num_rows == 1) {

                    // get result row (as an object)
                    $result_row = $result_of_login_check->fetch_object();

                    // using PHP 5.5's password_verify() function to check if the provided password fits
                    // the hash of that user's password
                    if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {

                        // write user data into PHP SESSION (a file on your server)
                        $_SESSION['user_name'] = $result_row->user_name;
                        $_SESSION['user_email'] = $result_row->user_email;
                        $_SESSION['user_login_status'] = 1;

                    } else {
                        $this->errors[] = "Wrong password. Try again.";
                    }
                } else {
                    $this->errors[] = "This user does not exist.";
                }
            } else {
                $this->errors[] = "Database connection problem.";
            }
        }
    }

    /**
     * perform the logout
     */
    public function doLogout()
    {
        // delete the session of the user
        $_SESSION = array();
        session_destroy();
        // return a little feeedback message
        $this->messages[] = "You have been logged out.";

    }

    /**
     * simply return the current state of the user's login
     * @return boolean user's login status
     */
    public function isUserLoggedIn()
    {
        if (isset($_SESSION['user_login_status']) AND $_SESSION['user_login_status'] == 1) {
            return true;
        }
        // default return
        return false;
    }
}
Vikas Arora
  • 1,666
  • 2
  • 17
  • 38
user3535207
  • 3
  • 2
  • 2
    session_start() is inside your class construct.. if you don't call it there wont be any session to work with.. + you set $_SESSION['user_name'] but trying to catch $_SESSION['name'] ? – Svetoslav Apr 15 '14 at 09:16
  • possible duplicate of [PHP: "Notice: Undefined variable" and "Notice: Undefined index"](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index) – Touchpad Apr 16 '14 at 08:00

5 Answers5

1

Maybe the session can't be created. Did you use start_session() on your file?

echo username like that <?php echo (isset($_SESSION['name'])) ? $_SESSION['name'] : 'guest'; ?> and see if session has been created.

Asil Balaban
  • 96
  • 1
  • 10
  • nice answer but how to call name from database who logged in – user3535207 Apr 15 '14 at 09:23
  • You already set username from database `$_SESSION['user_name'] = $result_row->user_name;` but after that you call session `$_SESSION['name']` like that, maybe you just call session with wrong key.. Try this `$_SESSION['user_name']` – Asil Balaban Apr 15 '14 at 09:28
0

I see session_start in your Login::__construct function, but do you construct new Login before attempting to access $_SESSION variables? I'm not seeing that... I would suggest making sure session_start() is somewhere in your init code, called before anything else.

Niet the Dark Absol
  • 320,036
  • 81
  • 464
  • 592
0

I'm assuming that there is some other code calling the login script. Anyways, that notice means that the 'name' key is not registered in the $_SESSION, which makes sense since I think you mean 'user_name'.

so try:

Hey, <?php echo $_SESSION['user_name']; ?>. You are logged in.
Try to close this browser tab and open it again. Still logged in! ;)

<a href="index.php?logout">Logout</a>

Otherwise you have to register the 'name' in the session, assuming $result_row has a name attribute:

if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
    // write user data into PHP SESSION (a file on your server)
    $_SESSION['name'] = $result_row->name; 
    $_SESSION['user_name'] = $result_row->user_name;
    $_SESSION['user_email'] = $result_row->user_email;
    $_SESSION['user_login_status'] = 1;

}
redmoon7777
  • 4,498
  • 1
  • 24
  • 26
0

1st. Please move your session_start() to a file which will be included in all your php files and REMOVE it from your Login class :)

Perhaps you can move it to where you set constants as DB_HOST, DB_USER and etc..

2nd Check your $_SESSION keys :) you are setting $_SESSION['user_name'] but try to catch $_SESSION['name']

Svetoslav
  • 4,686
  • 2
  • 28
  • 43
0

You can't access $_SESSION variable without starting a session. Also if you have already started the session anywhere before in your php file, then you will get warning that a session is already started. so consider using the following statement, before you access $_SESSION variable:

if( !session_id() ) session_start();

Prakash GPz
  • 1,675
  • 4
  • 16
  • 27