I'm new at PHP. I have a problem. The session is not saved, but at the same time it is opened, session_status() returns 2, so session active. I think that it is re-created every time, but at the same time it is not visible "globally".Because every time (after auth) session_id() has another numbers. Help me please. The site is created using react. Therefore, all requests are made with a fetch. Here is my code:
router.php
<?php
session_start();
header("Access-Control-Allow-Origin : *");
header("Access-Control-Allow-Credentials",true);
require_once('db.php');
require_once('Requests.php');
$uri = explode("/",$_SERVER['REQUEST_URI']);
if($uri[1] == "registrationForm"){
exit(Requests::regUser($_POST['userFullName'],$_POST['userLocation'],$_POST['userEmail'],$_POST['userPassword']));
}
else if($uri[1] == "loginForm"){
exit(Requests::authUser($_POST['userEmail'],$_POST['userPassword']));
}
?>
Router.php recieves the requests and redirect to requests.php to functions.
Requests.php
<?php
class Requests{
static function regUser($userFullName,$userLocation,$userEmail,$userPassword){
global $mysqli;
$userEmail = mb_strtolower(trim($userEmail));
$userPassword = password_hash(trim($userPassword), PASSWORD_DEFAULT);
$stmt = $mysqli->prepare("SELECT * FROM `users` WHERE `userEmail`=?");
$stmt ->bind_param("s",$userEmail);
$stmt->execute();
$result = $stmt->get_result();
$row=$result->fetch_assoc();
$stmt->close();
if($result->num_rows){
return 'exist';
}else{
$stmt = $mysqli->prepare("INSERT INTO `users`(`userFullName`, `userLocation`, `userEmail`, `userPassword`) VALUES (?,?,?,?)");
$stmt->bind_param("ssss",$userFullName,$userLocation,$userEmail,$userPassword);
$stmt->execute();
$stmt->close();
$stmt = $mysqli->prepare("SELECT * FROM `users` WHERE `userEmail` = ?");
$stmt->bind_param("s",$userEmail);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$stmt->close();
$_SESSION["id"] = $row["id"];
session_write_close();
return $_SESSION["id"];
}
}
static function authUser($userEmail,$userPassword){
global $mysqli;
$userEmail = mb_strtolower(trim($userEmail));
$userPassword = trim($userPassword);
$stmt = $mysqli->prepare("SELECT * FROM `users` WHERE `userEmail` = ?");
$stmt->bind_param("s",$userEmail);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$stmt->close();
if(isset($row["userEmail"])){
if(password_verify($userPassword,$row["userPassword"])){
return $_SESSION["id"];
}else{
return "false";
}
}else{
return 'false double';
}
}
}
?>
Problem is in authUser function. I initialize $_SESSION["id"] in regUser after registration ($_SESSION["id"] = $row["id"];) but from authUser php return null variable. My fetch requests:
function registr(event){
event.preventDefault();
const data = new FormData();
data.append("userFullName","Sinan Isgenderli");
data.append("userLocation","sinanLand");
data.append("userEmail","testmest6@gmail.ru");
data.append("userPassword","4");
fetch("http://myWebSite.com/registrationForm",{
method: 'POST',
mode: 'cors',
cache: 'default',
credentials:"same-origin",
body: data
})
.then(res=>res.text())
.then(
(res) =>console.log(res),
(error) =>console.log(error)
)
}
function login(event){
event.preventDefault();
const data = new FormData();
data.append("userEmail","testmest6@gmail.ru");
data.append("userPassword","4");
fetch("http://myWebSite.com/loginForm",{
method: 'POST',
credentials:"same-origin",
body: data
})
.then(res=>res.text())
.then(
(res) => console.log(res),
(error) =>console.log("00")
)
}
I tried these fetch code with another characters, for example: credentials:"include", mode:"cors" but it is not working.. Please, help me!
