0

I'm really having a hard time dealing with "fetch user-specific data". Thing is I planned to log into my Android Application and when I go to a different activity (ProfileActivity), I can see my own profile data (in this case, "Full Name" and "Job") directly from PHP and MySQL Database. That was what I initially wanted. I have my own SharedPreference and it works perfectly BUT somehow it only stores my Username and Full Name (because I have RegisterActivity) and not my "Job". I've tried reading several solutions like storing in SQLite or tokens but mostly I can't get to that point and I can't get it to work.

But then I thought of using the $_SESSION in PHP. What's in my way of thinking was: First, I start my Android App and input my credential to login (Username and Password); Then, the inputted variable (Username) is stored and processed in PHP $_SESSION (loginget.php); After that, I planned to use that $_SESSION to be used to another PHP files (e.g. c.php) and display it in either Android textview or recyclerview for future needs.;

That was I initially wanted it to work, but couldn't.

I have this PHP login file that accept username and password loginget.php.

<?php
$response = array();
include 'koneksi.php';
include 'functions.php';
session_start();
//Get the input request parameters
$inputJSON = file_get_contents('php://input');
$input = json_decode($inputJSON, TRUE); //JSON decode convert JSON into array. (JSON is from android input, array  is for php)

//Check for Mandatory parameters
if(isset($input['username']) && isset($input['password'])){
    $username = $input['username'];
    $password = $input['password'];
    $query    = "SELECT full_name, job, password_hash, salt FROM member WHERE username = ? ";

    if($stmt = $con->prepare($query)){
        $stmt->bind_param("s",$username);
        $stmt->execute();
        $stmt->bind_result($fullName,$job,$passwordHashDB,$salt);
        if($stmt->fetch()){
            //Validate the password
            if(password_verify(concatPasswordWithSalt($password,$salt),$passwordHashDB)){
                $response["status"] = 0;
                $response["message"] = "Login successful";
                $response["full_name"] = $fullName;
                $response["job"] = $job;

            }
            else{
                $response["status"] = 1;
                $response["message"] = "Invalid username and password combination";
            }
        }
        else{
            $response["status"] = 1;
            $response["message"] = "Invalid username and password combination";
        }

        $stmt->close();
    }
}
else{
    $response["status"] = 2;
    $response["message"] = "Missing mandatory parameters";
}
$_SESSION['yes_msg'] = $response["full_name"];
echo json_encode($response);

?>

And this c.php used to fetch the Profile Data ("Full Name" and "Job") from MySQL Database:

<?php

session_start();

$SESSION = $_SESSION['yes_msg'];
include 'koneksi.php';
include 'functions.php';
//if everything is fine then create an array for storing the data 

$resp = array(); 

$sql = "SELECT full_name,job FROM member WHERE username = '$SESSION'";

//creating an statment with the query
$stmt = $con->prepare($sql);

//executing that statment
$stmt->execute();

//binding results for that statment 
$stmt->bind_result($full_name,$job);

//looping through all the records
while($stmt->fetch()){

    //pushing fetched data in an array 
    $temp = [
        //'user_id'=>$user_id,
        //'username'=>$username,
        'full_name'=>$full_name,
        'job'=>$job
    ];

    //pushing the array inside the hero array 
    array_push($resp, $temp);
}

//displaying the data in json format 
echo json_encode($resp);
?>

It looked like I placed the $_SESSION function on loginget.php at the wrong place and can't get it to work. In c.php, the GET function worked fine when I tested with static variable and it shows on the Android Activity.

But when I tried to connect it with loginget.php, the data is not showing or fetched, but there are no errors as well.

I really appreciated hint or answer, for this is probably beginner's mistake as I am a beginner as well and this is my first time writing and asking a question.

Chandra Riadi
  • 1
  • 2
  • if you have problem from your back-end code, please remove android tag and show your android code, and else you have problem from your android app, remove php tag and codes, it's tooooo long and hard to understand – Shahriyar Aghajani Jun 16 '20 at 08:57
  • @ShahriyarAghajani I apologize for the inconvenience. I thought that tags are related to question in general. – Chandra Riadi Jun 16 '20 at 09:36
  • @ChandraRiadi How do you send the session id between the two calls to `loginget.php` and `c.php`? And what exactly do you mean in the comment by `// outputs "Invalid input"`? – Progman Jun 16 '20 at 10:50
  • @Progman As I'm new to this, I thought that calling `session_start(); $SESSION = $_SESSION['yes_msg'];` would send the session id between files. As the comment `// outputs "Invalid input"` was a comment of the answers I got from this [link](https://stackoverflow.com/a/5678625) – Chandra Riadi Jun 17 '20 at 01:48
  • @Progman I already editted the irrelevant comment, thank you for pointing it out. – Chandra Riadi Jun 17 '20 at 01:52
  • @ChandraRiadi Check the return value of `session_id();` on both pages and verify that they are the same between the calls. If they are not, then you would always create a new empty session with now values/variables in it. – Progman Jun 17 '20 at 08:37

0 Answers0