-2

This is my login code

global $connection;

if (isset($_POST['user_login'])) {

    $email = $_POST['email'];
    $password = $_POST['password'];
    $password= md5($password);

    $login = mysqli_query($connection, "SELECT * FROM user WHERE email ='{$email}' AND password = '{$password}' ");
    if(!$login) {
        die("QUERY FAILED" . mysqli_error($connection));
    }

    if(!$login || mysqli_num_rows($login) == 0) {

        echo "<div class='alert alert-danger' role='alert'> <strong>Your Username or Password is invalid!</strong></div>";

    } else {
        $_SESSION['user_id'] = $user_id;
        $_SESSION['email'] = $email;
        $_SESSION['username'] = $username;

        header('Location: index.php');
    }
}

I used the print_r function to display all the sessions but only the session email is getting declared. Why isn't the user_id and username not getting declared? What did I do wrong?

Unknown
  • 1
  • 1

2 Answers2

0
  1. You might forget to declare session_start(); at the top.
  2. It seems like you are using user_id and username in your sessions but they are not fetched from anywhere in your PHP code. So, you might forget to get and then use them from your $login response.

This is an assumption because your code looks to use user_id and username on the basis of SELECT query.

So, you can try using this code which has all parameters used from select query:

session_start();
global $connection;

if (isset($_POST['user_login'])) {

    $email = $_POST['email'];
    $password = $_POST['password'];
    $password= md5($password);

    $login = mysqli_query($connection, "SELECT * FROM user WHERE email ='{$email}' AND password = '{$password}' LIMIT 1");
    if(!$login) {
        die("QUERY FAILED" . mysqli_error($connection));
    }

    if(!$login || mysqli_num_rows($login) == 0) {

        echo "<div class='alert alert-danger' role='alert'> <strong>Your Username or Password is invalid!</strong></div>";

    } else {
        // get user_id and username fetched from your Select query
        while($row = $login->fetch_assoc()) {
          $_SESSION['user_id'] = $row['user_id']; // assuming user_id as a column
          $_SESSION['email'] = $email;
          $_SESSION['username'] = $row['username']; // assuming username as a column
        }
        header('Location: index.php');
    }
}
Satish Saini
  • 2,880
  • 3
  • 24
  • 38
  • Person who gave down-vote should explain the reason here at least? :) – Satish Saini May 03 '17 at 18:03
  • Not my downvote, but instead of dumping a bunch of code and saying "try this", adding an explanation as to what was changed, and why, makes the answer so much better - for OP and future readers. – Qirel May 03 '17 at 18:10
  • @Satish Saini - Thank you, got it to work. :) Sorry, they don't allow me to up-vote. – Unknown May 03 '17 at 18:13
  • @Qirel have updated it to make it more clear! Thanks for your comment because that really makes this platform more useful. – Satish Saini May 03 '17 at 18:15
  • @Unknown: Glad that I was able to trace your mind and gave you expected stuff! Cheers. – Satish Saini May 03 '17 at 18:16
-1

When you try to put not initilized variable or null value into session, session don't raise the exception. But key and value list, can not add not init variable or null value.

Ardeshir Ayati
  • 113
  • 1
  • 5