0

I don't know why my PHP sessions are not working even if I set a session when logged in. I am using React with this code This is my login in React:

axios.post('http://localhost:80/api/login.php', sendData)
        .then((response) => {
            if (response.data === 'Invalid') {
                alert('Wrong Credentials');
            } else {
               navigate('/studentDashboard');
            }
        })
        .catch((err) => {
            console.log(err);
        })

And this is my Php login:

header("Access-Control-Allow-Headers:*");
header("Access-Control-Allow-Origin:*");
header("Access-Control-Allow-Methods:POST, GET, OPTIONS");
header("Content-Type:application/json;charset=UTF-8");
header("Access-Control-Allow-Headers:Content-Type, Access-Control-Allow-Headers,Authorization,X-Requested-with");

session_start();

$data = json_decode(file_get_contents("php://input"));
$studentID = $data->studentID;
$userpassword = $data->password;
$succes = true;

include 'dbConnection.php';

$sql = "SELECT id FROM `students` WHERE `studentID` = ? AND `password` = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss',  $studentID, $userpassword);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
  while ($row = $result->fetch_assoc()) {
    if ($row["id"] > 0) {
      $_SESSION['userid'] = $row["id"];
      
  echo json_encode('Valid');
    }
  }
} else {
  echo json_encode('Invalid');
}

$conn->close();

When the Login page renders I use useEffect to call a function that checks if there are sessions that are set, if there are sessions the page will be directly going to that session id that is set, and if not, the user will need to log in.

here is the function:

function sessionCheck() {
    axios.get('http://localhost:80/api/session.php')     
    .then((response) => {
        if (response.data === 'Valid') {
           navigate('/studentDashboard');
        }
    })
    .catch((err) => {
        console.log(err)
    })
}

and here is the PHP session check page:

header("Access-Control-Allow-Headers:*");
header("Access-Control-Allow-Origin:*");
header("Access-Control-Allow-Methods:POST, GET, OPTIONS");
header("Content-Type:application/json;charset=UTF-8");
header("Access-Control-Allow-Headers:Content-Type, Access-Control-Allow-Headers,Authorization,X-Requested-with");
header("Access-Control-Allow-Credentials: true");

include 'dbConnection.php';

session_start();
if(isset($_SESSION['userid'])) {
  echo json_encode('Valid');
}

The $_SESSION['userid'] becomes Undefined index.

Hilai
  • 11
  • 2
  • You have to pass `witCredentials: true` option to axios so it send cookies in requests because session id is stored in cookie. – Code Spirit Sep 03 '22 at 00:11
  • I dont find any witCredentials? can you give me a link on how to use it? – Hilai Sep 08 '22 at 01:50
  • Sry I meant withCredentials. https://stackoverflow.com/questions/43002444/make-axios-send-cookies-in-its-requests-automatically – Code Spirit Sep 08 '22 at 13:47

0 Answers0