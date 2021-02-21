OOP PHP CRUD problem - registration/login system

PHP
#1

Hello,
I am working on a tutorial for a login crud system. My problem is a bit stupid but for some reason I am having a difficult time figuring it out. Before I attach the code I will try to explain. I have a Users class that has a few methods that will delete a ‘remember me’ token if the cookie is hacked. The token is stored in a database table “B”. The main Users table “A” holds the primary id. Table “B” holds the foreign key “user_id”. My script detects if the cookie was tampered with, then this activates the script to delete the token in table “B”. First, I am unable to figure out how to get the current session user id, and second, how to use that to access table “B” id that is attached to given user_id.

Current session user → Table A id → table B user_id → table B id

If you look at method “updateRememberCredentials” there is a number 41 in the code. This was a practice. One of the table “B” id was 41. When you directly place the id number in this place all the code works perfectly. Unfortunately I need to dynamically access the data from the current as stated above. If anybody can help I would appreciate the assistance.

I will paste some of my code. Please don’t hesitate to ask if more code is needed. BTW, the code is oop, which I am new to. Thanks

User class

 class User {        
	    private $_db,
			$_data,
			$_sessionName,
			$_cookieName,
			$_isLoggedIn;				
	
	public function __construct($user = null) {
		$this->_db = DB::getInstance();	
		$this->_sessionName = Config::get('session/session_name');
		$this->_cookieName = Config::get('remember/cookie_name');
        $this->checkRememberMe();
		if(!$user) {
			if(Session::exists($this->_sessionName)) {
				$user = Session::get($this->_sessionName);   
                
				if($this->find($user)) {
					$this->_isLoggedIn = true;
				} else {
					                    
					$this->_isLoggedIn = false;                                             
				}
			}
		} else {
			$this->find($user);
		}
	}
	
	public function update($fields = array(), $id = null) {			
		if(!$id && $this->isLoggedIn()) {
			$id = $this->data()->id;
		}
		
		if(!$this->_db->update('users', $id, $fields)) {
			throw new Exception('There was a problem in the update process');
		}
	}
 public function updateRememberCredentials($identifier, $token) { 
  $this->_db->update('users_session', 41, array(
           'remember_identifier' => $identifier,//$identifier,
           'remember_token' =>  $token  //$token,
           
       ));            
    } 

  DB class

public function query($sql, $params = array()) {
        $this->_error = false;
        if($this->_query = $this->_pdo->prepare($sql)) {                
            $x = 1;
            if(count($params)) {
                foreach($params as $param) {
                    $this->_query->bindValue($x, $param);
                    $x++;                       
                }                   
            }               

            if($this->_query->execute()) {               
                if(substr($sql, 0, 6) === "SELECT"){
                    $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
                } else {
                     $this->_results = null;
                }  
                $this->_count = $this->_query->rowCount();
            } else {
                $this->_error = true;
            }
        }
        return $this;
    }

    public function action($action, $table, $where = array()) {
		if(count($where) === 3) {
			$operators = array('=', '>', '<', '>=', '<=');
			
			$field		= $where[0];
			$operator	= $where[1];
			$value		= $where[2];
			
			if(in_array($operator, $operators)) {
				$sql = "{$action} FROM {$table} WHERE {$field} {$operator} ?";
				
				if(!$this->query($sql, array($value))->error()) {
					return $this;
				}
			}
		}
		return false;
	}
	
	public function get($table, $where) {
		return $this->action('SELECT *', $table, $where);
	}

This is the last thing I tried with no success.

 $id = $this->_db->get("SELECT users_session.id
            FROM users_session  
            LEFT JOIN users
            ON users_session.user_id=users.id
            WHERE users.id=:id");

Then I tried to place $id into the place where the number 41 is placed above.