Setting sessions with with results from database

[Cmarenburg]

Hey there,

i am trying to set sessions with results from a database. Here is the code i am trying.

PHP Code:

session_start();
                foreach($y->execute($values['2']) as $row)
                    {
                        $_SESSION['id'] = $row['id'];
                        $_SESSION['email'] = $row['email'];
                        $_SESSION['name'] = $row['nameFirst'];
                    } 


I am sure there is an easier way of doing this.

Thanks!

[kduv]

I'm not really sure what you're asking. That code looks fairly simple. In what way are you looking to simplify it?

[kduv]

I guess you could do something like this, which will assign your $_SESSION variables based on your DB column names:

PHP Code:

<?php
session_start(); 
foreach($y->execute($values['2']) as $row) 
{ 
    $_SESSION = array_merge($_SESSION, $row);
} 
?>

[Cmarenburg]

Ohh i guess i had not finished my thought. I am an getting a " Invalid argument supplied for foreach()" when i try this code. which to me means a) data is not being pulled from the database, or b) there is something wrong with the foreach. This is really the first time i have played with foreach

Here's the almost complete section of code( this is the code that i am not sure is not working)

PHP Code:

$query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password';
                $y = $pdo->prepare($query['2']);
                $values['2'] = array('email' => $email, 'password' => $password);
                
                //header('Refresh: 3; url=../../index.php');
                session_start();
                foreach($y->execute($values['2']) as $row)
                    {
                        $_SESSION['id'] = $row['id'];
                        $_SESSION['email'] = $row['email'];
                        $_SESSION['name'] = $row['nameFirst'];
                    } 


[kduv]

execute() doesn't return an array. It returns TRUE/FALSE on success/failure. You have to call fetch() to get an array. Try this:

PHP Code:

<?php
$query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password'; 
$y = $pdo->prepare($query['2']); 
$values['2'] = array('email' => $email, 'password' => $password); 
$y->execute($values['2']);

//header('Refresh: 3; url=../../index.php'); 
session_start(); 
while ($row = $y->fetch()) 
{ 
    $_SESSION['id'] = $row['id']; 
    $_SESSION['email'] = $row['email']; 
    $_SESSION['name'] = $row['nameFirst']; 
}
?>

[Cmarenburg]

Thanks. But after trying that still no luck. So i am not sure.

PHP Code:


$query['1'] = 'SELECT COUNT(*) FROM users WHERE `email` = :email AND `password` = :password';

$x = $pdo->prepare($query['1']);
$values['1'] = array('email' => $email, 'password' => $password);

if($res = $x->execute($values['1'])){
        if($x->fetchColumn() == 1){    
                $query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password'; 
                $y = $pdo->prepare($query['2']); 
                $values['2'] = array('email' => $email, 'password' => $password); 
                $y->execute($values['2']);

                //header('Refresh: 3; url=../../index.php'); 
                session_start(); 
                while ($row = $y->fetch()){ 
                    $_SESSION['id'] = $row['id']; 
                    $_SESSION['email'] = $row['email']; 
                    $_SESSION['name'] = $row['nameFirst']; 
                }
            echo "<div class=\"sucess\">\n<p>You have been logged in as {$row['email']}. This page well redirect you to our home page in 5 seconds or less</p>/n</div>";
            echo "<p>{$row['id']}, {$row['email']}, {$row['nameFirst']}</p>";
            
                }
            } 


[chris.upjohn]

The session_start() function always needs to be called before functions that can output white space which a PDO query would do, you should consider moving it to be directly after <?php

[Cmarenburg]

So In therory this should work right?

PHP Code:

<?php
session_start();
require_once('../connect.php');
require_once('../functions.php');

 if(isset($_SESSION['id'])){
    echo 'You are allready logged in!';
}

else { 
$email = clean($_POST['email']);
$rawPasswd = clean(hash('sha384',$_POST['password']));
$salt['0'] = 'salty';
$salt['1'] = 'salty';
$password = $salt['0']."".$rawPasswd."".$salt['1'];

$query['1'] = 'SELECT COUNT(*) FROM users WHERE `email` = :email AND `password` = :password';

$x = $pdo->prepare($query['1']);
$values['1'] = array('email' => $email, 'password' => $password);

if($res = $x->execute($values['1'])){
        if($x->fetchColumn() == 1){    
                $query['2'] = 'SELECT * FROM users WHERE `email` = :email AND `password` = :password'; 
                $y = $pdo->prepare($query['2']); 
                $values['2'] = array('email' => $email, 'password' => $password); 
                $y->execute($values['2']);

                //header('Refresh: 3; url=../../index.php');  
                while ($row = $y->fetch()){ 
                    $_SESSION['id'] = $row['id']; 
                    $_SESSION['email'] = $row['email']; 
                    $_SESSION['name'] = $row['nameFirst']; 
                }
            echo "<div class=\"sucess\">\n<p>You have been logged in as {$row['email']}. This page well redirect you to our home page in 5 seconds or less</p>/n</div>";
            echo "<p>{$row['id']}, {$row['email']}, {$row['nameFirst']}</p>";
            
                }
            }
            else{
                echo "<p class=\"loginError\">Your email or Password was wrong, please try again!</p>";
                require('../../views/forms/login.php');
            }
}