I am trying to set the session value to equal my customer ref from the database however I can't seem to get it to work properly. The echo is printing a 0 instead of the correct customer ref
Here is my code
<?php
if (isset($_POST['Login'])) {
$loginEmail = $_POST['loginEmail'];
$loginPassword = md5($_POST['loginPassword']);
// the db should only be queried if both email and password are filled in
if (empty($loginEmail) || empty($loginPassword)) {
$Error = "Email and Password can't be left blank";
}
else {
$sql = "SELECT customerRef FROM customer WHERE Email=? AND Password=?";
$stmt = mysqli_stmt_init($conn);
if (mysqli_stmt_prepare($stmt, $sql)) {
mysqli_stmt_bind_param($stmt, "ss", $loginEmail, $loginPassword);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id);
echo $id;
if (mysqli_stmt_num_rows($stmt) == 2) { // this is normally 1 i just changed it to 2 so i wouldnt be redirected everytime
// sets the session values
$_SESSION['valid'] = true;
$_SESSION['timeout'] = time();
$_SESSION['username'] = $_POST['loginEmail'];
header("Location: homepage.php");
die();
}
else {
$Error = "Username or password is incorrect";
}
}
}
// Close statement
$stmt->close();
// Close connection
$conn->close();
} //end of sign in isset
Any advice would be appreciated
You haven't actually called mysqli_stmt_fetch() so nothing will have been stored into $id.
From the documentation:
When mysqli_stmt_fetch() is called to fetch data, the MySQL client/server protocol places the data for the bound columns into the specified variables var1, ....
So add
mysqli_stmt_fetch($stmt);
after your call to mysqli_stmt_bind_result.