UPDATE not going through

[9three]

Hey,

 

I have a log in script that I'm trying to set the session into a table and then retrieve it for further use later. But it's not updating the table properly. In fact, it's not updating at all.

 

$user = new User('localhost', 'root', '', 'db');
    $username = sanitize($_POST['username']);
    $password = sanitize($_POST['password']);
    
    if ($user->loginUser($username, $password)) {
      session_start();
      $user->setSession(session_id());
      $_SESSION['firstname'] = $user->getFirstname();
      $_SESSION['lastname'] = $user->getLastname();
      $_SESSION['username'] = $user->getUsername();
      $_SESSION['email'] = $user->getEmail();
      $_SESSION['logged'] = md5('true');
      $_SESSION['id'] = $user->getSession();
      //header('Location: index.html');
      echo $user->getSession() .'SESSION! <br />';
    }
    else {
      $error = 'Wrong username/password';
    }

 

If you see I'm setting the session_id into the object and then I'm using getSession() to store it into a session.

 

I echoed out getSession() and it's empty.

 

I think the problem relies in the setSession method.

public function setSession($strSession) {
    $this->hDB->query("UPDATE user 
                       SET session = '$strSession' 
                       FROM user 
                       WHERE id = '$this->getID'");
    $result = $this->hDB->query("SELECT session 
                                 FROM user 
                                 WHERE id = '$this->getID'");
    $row = $result->fetch_row();
    $this->session = $row[0];
  }

 

I echoed getID() and it returns the correct 'id'.

 

Anyone lend a hand?

[dzelenika]

Try to echo SQL command before executing.

Then copy/paste in some SQL query tool to see if it is working.