Hello,

I am working on a tutorial for a login CRUD system. My problem is a bit stupid, but for some reason I am having a difficult time figuring it out. Before I attach the code I will try to explain. I have a Users class that has a few methods that will delete a ‘remember me’ token if the cookie is hacked. The token is stored in a database table “B”. The main Users table “A” holds the primary id. Table “B” holds the foreign key “user_id”. My script detects if the cookie was tampered with, and this then activates the script to delete the token in table “B”. First, I am unable to figure out how to get the current session user id, and second, how to use that to access the table “B” id that is attached to the given user_id.

Current session user → Table A id → table B user_id → table B id

If you look at the method “updateRememberCredentials”, there is a number 41 in the code. This was a test. One of the ids in table “B” was 41. When you directly place the table “B” id number in this place, all the code works perfectly. Unfortunately, I need to dynamically access the data from the current user as stated above. If anybody can help I would appreciate the assistance.

I will paste some of my code. Please don’t hesitate to ask if more code is needed. BTW, the code is OOP, which I am new to. Thanks.

User class

```php
class User {
    private $_db,
            $_data,
            $_sessionName,
            $_cookieName,
            $_isLoggedIn;

    public function __construct($user = null) {
        $this->_db = DB::getInstance();
        $this->_sessionName = Config::get('session/session_name');
        $this->_cookieName = Config::get('remember/cookie_name');

        $this->checkRememberMe();

        if(!$user) {
            // No user passed in: fall back to the user stored in the session
            if(Session::exists($this->_sessionName)) {
                $user = Session::get($this->_sessionName);

                if($this->find($user)) {
                    $this->_isLoggedIn = true;
                } else {
                    $this->_isLoggedIn = false;
                }
            }
        } else {
            $this->find($user);
        }
    }

    public function update($fields = array(), $id = null) {
        // Default to the id of the currently logged-in user
        if(!$id && $this->isLoggedIn()) {
            $id = $this->data()->id;
        }

        if(!$this->_db->update('users', $id, $fields)) {
            throw new Exception('There was a problem in the update process');
        }
    }

    public function updateRememberCredentials($identifier, $token) {
        // 41 is the hard-coded users_session id used as a test
        $this->_db->update('users_session', 41, array(
            'remember_identifier' => $identifier,
            'remember_token' => $token
        ));
    }

    // find(), data(), isLoggedIn() and checkRememberMe() are not shown in this excerpt
}
```

DB class

```php
// Excerpt: methods of the DB class
public function query($sql, $params = array()) {
    $this->_error = false;

    if($this->_query = $this->_pdo->prepare($sql)) {
        // Bind each value to its positional placeholder (1-based)
        $x = 1;
        if(count($params)) {
            foreach($params as $param) {
                $this->_query->bindValue($x, $param);
                $x++;
            }
        }

        if($this->_query->execute()) {
            if(substr($sql, 0, 6) === "SELECT") {
                $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
            } else {
                $this->_results = null;
            }
            $this->_count = $this->_query->rowCount();
        } else {
            $this->_error = true;
        }
    }

    return $this;
}

public function action($action, $table, $where = array()) {
    // $where must be array(field, operator, value)
    if(count($where) === 3) {
        $operators = array('=', '>', '<', '>=', '<=');

        $field = $where[0];
        $operator = $where[1];
        $value = $where[2];

        if(in_array($operator, $operators)) {
            $sql = "{$action} FROM {$table} WHERE {$field} {$operator} ?";

            if(!$this->query($sql, array($value))->error()) {
                return $this;
            }
        }
    }

    return false;
}

public function get($table, $where) {
    return $this->action('SELECT *', $table, $where);
}

public function update($table, $id, $fields = array()) {
    $set = '';
    $x = 1;

    foreach($fields as $name => $value) {
        $set .= "{$name} = ?";
        if($x < count($fields)) {
            $set .= ', ';
        }
        $x++;
    }

    // Bind the id as a parameter instead of interpolating it into the SQL string
    $sql = "UPDATE {$table} SET {$set} WHERE id = ?";
    $params = array_values($fields);
    $params[] = $id;

    if(!$this->query($sql, $params)->error()) {
        return true;
    }

    return false;
}
```

This is the last thing I tried with no success.

```php
$id = $this->_db->get("SELECT users_session.id FROM users_session LEFT JOIN users ON users_session.user_id=users.id WHERE users.id=:id");
```

Then I tried to place $id into the place where the number 41 is placed above.
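
The lookup chain described in the post (session user id → `users_session.user_id` → `users_session.id`), shown with bound parameters. This is an added example, not code from the original post: the function names, the in-memory SQLite database and the sample row are assumptions, while the table and column names are the ones in the post. In the post's `User` class the logged-in user's id is the value `update()` already reads from `$this->data()->id`.

```php
<?php
// Constructed example: hypothetical function names and sample data.
// Table/column names come from the post; SQLite in memory stands in for the real DB.

function sessionRowId(PDO $pdo, int $userId): ?int
{
    // Session user id -> users_session.user_id -> users_session.id
    $stmt = $pdo->prepare('SELECT id FROM users_session WHERE user_id = ?');
    $stmt->execute([$userId]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

function updateRememberCredentials(PDO $pdo, int $userId, string $identifier, string $token): bool
{
    $rowId = sessionRowId($pdo, $userId);
    if ($rowId === null) {
        return false; // this user has no remember-me row to update
    }
    $stmt = $pdo->prepare(
        'UPDATE users_session SET remember_identifier = ?, remember_token = ? WHERE id = ?'
    );
    return $stmt->execute([$identifier, $token, $rowId]);
}

function clearRememberToken(PDO $pdo, int $userId): int
{
    // Called when the cookie fails validation: remove the user's stored token row.
    $stmt = $pdo->prepare('DELETE FROM users_session WHERE user_id = ?');
    $stmt->execute([$userId]);
    return $stmt->rowCount();
}

// --- constructed demo data: row 41 belongs to user 7 ---
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users_session (id INTEGER PRIMARY KEY, user_id INTEGER,
            remember_identifier TEXT, remember_token TEXT)');
$pdo->exec('INSERT INTO users_session (id, user_id) VALUES (41, 7)');

$userId = 7; // stands in for the id of the user held in the session
var_dump(sessionRowId($pdo, $userId));
var_dump(updateRememberCredentials($pdo, $userId, bin2hex(random_bytes(16)), bin2hex(random_bytes(32))));
var_dump(clearRememberToken($pdo, $userId));
var_dump(sessionRowId($pdo, $userId));
```

Every value that reaches the SQL goes through a placeholder, so neither the user id nor the row id is concatenated into the query string.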