0

I need to update the session_id in the database every time a users login to my page. So it saves the active session from the user that is saved in the variable $sesId. I tried this but didn't worked.

<?php
session_start();
// Change this to your connection info.
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'USer1';
$DATABASE_PASS = 'BBHHJJ';
$DATABASE_NAME = 'database';
$email = $_POST['email'];
$hash = password_hash($password, PASSWORD_DEFAULT);


// Creating a connection
$conn = new mysqli($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
// Check connection
if ($conn->connect_error) {
   die("Connection failed: " . $conn->connect_error);
}
  echo "Connected successfully";



// Prepare our SQL, preparing the SQL statement will prevent SQL injection.
if ($stmt = $conn->prepare('SELECT id, password, Status, linkPersoonlijkplan , PersoonlijkPlan FROM accounts WHERE username =? ')) {
    
    $stmt->bind_param('s', $_POST['username']);
    $stmt->execute();
    // Store the result so we can check if the account exists in the database.
    $stmt->store_result();
    echo "check";
    }
else{
header("location:inlogF2.php");
}

    if ($stmt->num_rows > 0) {
    $stmt->bind_result($id, $password, $Status, $linkPersoonlijkplan,$PersoonlijkPlan);
            
    $stmt->fetch();
    
    if (password_verify($_POST['password'], $password)) {
            
        session_regenerate_id();
        $_SESSION['loggedin'] = TRUE;
        $_SESSION['name'] = $_POST['username'];
        $_SESSION['id'] = $id;
        $_SESSION['Status'] = $Status;
        $_SESSION['pw'] = $password;
        $_SESSION['linkPersoonlijkplan'] = $linkPersoonlijkplan;
        $_SESSION['Ingelogd'] = "1";
        $_SESSION['PersoonlijkPlan'] = $PersoonlijkPlan;
        echo 'Welcome ' . $_SESSION['name'] . '!';
        $sesId = session_id();

        $stmt = $conn->mysqli->prepare("UPDATE accounts SET sessie=? WHERE id=?");
        $stmt->bind_param('s', $sesId, $id);
        $stmt->execute();
        
        header("location:homepage.php");
        
    } else {
        $_SESSION['fout'] = "3";
        echo 'Incorrect password!';
        header("location:inlogF.php");
    }
} else {
        header("location:inlogF2.php");
}
$stmt->close();




?>
Dharman
  • 30,962
  • 25
  • 85
  • 135
Medewerker 1
  • 9
  • 3
  • Need an extra `s` in `$stmt->bind_param('ss', $sesId, $id);` – Felippe Duarte Nov 12 '20 at 16:38
  • You need to stop manually checking for errors. Please read: [Should we ever check for mysqli_connect() errors manually?](https://stackoverflow.com/q/58808332/1839439) and [Should I manually check for errors when calling “mysqli_stmt_prepare”?](https://stackoverflow.com/q/62216426/1839439) – Dharman Nov 12 '20 at 17:44
  • 1
    What have you tried to check why this is not working? – Nico Haase Nov 12 '20 at 17:46
  • Changed the ss and removed the mysqli-> in the update and it worked – Medewerker 1 Nov 13 '20 at 10:07

1 Answers1

0

Changed the s to ss and removed the mysqli-> in the update and it works now

Medewerker 1
  • 9
  • 3