Jump to content

Recommended Posts

I changed my login page to use PDO. After researching, I can't seem to find a solution on how to pass variables that are not defined in the login page. I can pass the username and display it with no issues but the memberid and firstname doesn't pass no matter what I try.

  1. I'm trying to pass id and firstname - to display the first name. The id is to define who's logged in because data will be populating a database with existing info for that user.

  2. There are two databases, one with registration info - id, firstname, lastname, password.....
    The second database will populate examination info and will be linked with the registration database < again so it knows who's taking the exam.

Here's the code I've tried to pass the variables needed to landing page minus html.

 

Login.php

require_once('inc/config.php');

//check if already logged in move to home page
if( $user->is_logged_in() ){ header('Location: members.php'); } 

//process login form if submitted
if(isset($_POST['submit'])){
$memberID = $_POST['memberID'];
$firstname= $_POST['firstname'];
$email = $_POST['email'];
$password = $_POST['password'];

if($user->login($email,$password)){
$_SESSION['email'] = $email;
$_SESSION['memberID'] = $memberID;
$_SESSION['firstname'] = $firstname;
header('Location: members.php');
exit;

} else {
$error[] = 'Wrong email or password.';
}

}

?>

USER.php This is where I've added memberid and firstname but not passing.

<?php
include('password.php');
class User extends Password{

private $_db;

function __construct($db){
parent::__construct();

$this->_db = $db;
}

private function get_user_hash($username, memberID, firstname){ 

try {
$stmt = $this->_db->prepare('SELECT memberID, firstname, password FROM members WHERE username = :username AND active="Yes WHERE memberID = 
:memberID AND firstname = :firstname LIMIT 1" ');


$stmt->execute(array('memberID' => $memberID));
$stmt->execute(array('firstname' => $firstname));
$stmt->execute(array('username' => $username));

$row = $stmt->fetch();
return $row['password'];

} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}

public function login($username,$password){

$hashed = $this->get_user_hash($username);

if($this->password_verify($password,$hashed) == 1){

$_SESSION['loggedin'] = true;
return true;
} 
}

public function logout(){
session_destroy();
}

public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
} 
}

}

?>

LANDING PAGE Here's what I have at the top of the landing page.

<?php
session_start();
$_SESSION['memberID'] = $memberID['memberID'];
$_SESSION['firstname'] = $firstname['firstname'];
?>

And this in the html

<?php echo $_SESSION['memberID']; ?>
<?php echo $_SESSION['firstname']; ?>

If someone could help that would be great. I've worked all day on this and can't pass the variables to the landing page to the db. 

 

 

 

 

 

 

 

 

 

Do you have errors enabled?  Also, add "traps" along the way so you know you are executed the expected code.  Use var_dump() as applicable.  A couple of specifics...

 

Login.php

Is $user object created in inc/config.php?  If not, it doesn't exist.

Agree with requinx that $_POST['memberID'] and $_POST['firstname'] shouldn't be in the form.  If they should be, then they should also be used in the verifyaction query $user->login(), else they should be obtained from the DB.

Where is members.php?

 

LANDING PAGE.

Why set session with variables that are not defined?

 

html page

Not sure what you are trying to do.

I think you are not seeing the results you need because you are setting the sessions on the landing page instead of in the class. I think your login method should look similar to what's below:

public function login($username,$password){
//must start a session
session_start();

$hashed = $this->get_user_hash($username);

if($this->password_verify($password,$hashed) == 1){

/** memberID and firstname variables must be pulled from the database
on successful login in order for the sessions to be set. Similar to how
you are querying the database for those data elements in your
get_user_hash method. */

$_SESSION['loggedin'] = true;
$_SESSION['memberID'] = $memberID['memberID'];
$_SESSION['firstname'] = $firstname['firstname'];
return true;
}
}

The above code will still not give you the results you need, but the comment I've added about the database will help point you into the right direction.

Edited by parkerj
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.