I'm missing something here, I can't seem to be able to call the userID and save it in the session. The plan is upon login, to store the userID for future changes. Right now I can't seem to store the userID in the session. I get Notice: Undefined index: userID in login.php on line 14.
<?php
session_start();
if (!isset($_POST['submit'])){
} else {
require_once("db_const.php");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
exit();
}
$userID = $_SESSION["userID"];
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * from userinfo WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
echo "<p>Invalid username/password combination</p>";
} else {
setcookie("username", time() +60*60*24*30*365);
$_SESSION['userID'] = $userID;
echo "<p>Logged in successfully!, Please close the window</p>";
}
}
?>
You never update $userID after setting it from the session itself. To solve this, fetch the result and store the fetched id:
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
echo "<p>Invalid username/password combination</p>";
} else {
$row = $result->fetch_assoc();
$_SESSION['userID'] = $row['userid']; //case sensitive
//etc.