basically I have been pulling my hair out over an unknown problem with my PHP code.
CODE(login_config.php):
<?php
session_start(); //POST VARIABLES
$submit = $_POST['login_submit'];
$password = $_POST['login_password'];
$email = $_POST['login_email'];
if(isset($submit)){
require 'password_config.php';
require 'connect.php';
//PASSWORD VERIFYING
$pass_query = "SELECT password FROM users WHERE email='$email'";
$queried = mysql_query($pass_query);
while($row = mysql_fetch_array($queried)){
$user_pass = $row['password'];
$veri_password = password_verify($password, $user_pass);
}
if($veri_password != true){$errors[] = '-Account does not exist ';}
elseif($veri_password = true){
//CHECKING NUM ROWS
$sql = "SELECT id, username FROM users WHERE email='$email'";
$entered_user = mysql_query($sql);
$num_rows = mysql_num_rows($entered_user);
//STORING ID AS SESSION
while($row1 = mysql_fetch_array($entered_user)){
//PROBLEM IS HERE
$row1['id'] = $id;
}
//ERRS ARRAY ESTABLISHED
$errors = array();
//FURTHER VERIFYING
if( empty($password) || empty($email) )
{
$errors[] = 'Please do not leave fields empty';
}
elseif( $num_rows != 1 )
{
$errors[] = '-Account does not exist ';
}
elseif( $num_rows == 1 )
{
$id = $_SESSION['key'];
header('Location: profile.php');
exit();
}
}
}
?>
Question: Why is it that, when I get redirected to profile.php via header(), $_SESSION['key'] value is null? I have been using var_dump() to prove this. I want my session key to have a value of the user's id in my database and I see no problems with my code.
First of all $id variable is not defined anywhere.
Doing $row1['id'] = $id; means assigning $id value to $row1['id'] If you want to store user id in $id then you should use
$id = $row1['id'];
The same bug with $id = $_SESSION['key']; This means assiging $_SESSION['key'] to $id. If you want to store $id value in a session:
$_SESSION['key'] = $id;
There are 2 problems in your code as far i can see, both are you are running loop to fetch data so here is the code and i marked the lines where you are doing wring
<?php
session_start();
//POST VARIABLES
$submit = $_POST['login_submit'];
$password = $_POST['login_password'];
$email = $_POST['login_email'];
if(isset($submit)){
require 'password_config.php';
require 'connect.php';
//PASSWORD VERIFYING
$pass_query = "SELECT password FROM users WHERE email='$email'";
$queried = mysql_query($pass_query);
//while($row = mysql_fetch_array($queried)){ //no need to run loop here
$row = mysql_fetch_array($queried);
$user_pass = $row['password'];
$veri_password = password_verify($password, $user_pass);
// } //remove this too
if($veri_password != true){$errors[] = '-Account does not exist ';}
elseif($veri_password = true){
//CHECKING NUM ROWS
$sql = "SELECT id, username FROM users WHERE email='$email'";
$entered_user = mysql_query($sql);
$num_rows = mysql_num_rows($entered_user);
//STORING ID AS SESSION
//while($row1 = mysql_fetch_array($entered_user)){//no need to run loop here
$row1 = mysql_fetch_array($entered_user);
//PROBLEM IS HERE
//$row1['id'] = $id; // you can't store values in $id like this
$id = $row1['id']; // right way to do
} //remove this too
//ERRS ARRAY ESTABLISHED
$errors = array();
//FURTHER VERIFYING
if( empty($password) || empty($email) )
{
$errors[] = 'Please do not leave fields empty';
}
elseif( $num_rows != 1 )
{
$errors[] = '-Account does not exist ';
}
elseif( $num_rows == 1 )
{
$id = $_SESSION['key']; //again wrong you cant load $id into session
$_SESSION['key'] = $id; //right way to load $id variable value into session
header('Location: profile.php');
exit();
}
}
}
?>
Always include
ini_set("display_errors", "On");
ERROR_REPORTING(E_ALL);
As the first two lines in your code while testing, or change your test environment php.ini accordingly. This will give you all possible help/error statements from php
Second, remove any white space before the opening Php-tag When using session_start(); If there are spaces, as your code suggests, php will behave erratically.
Then look at your code again. /niels ml