Setting sessions with with results from database

Cmarenburg · June 3, 2012, 9:01pm

Hey there,

i am trying to set sessions with results from a database. Here is the code i am trying.


session_start();
				foreach($y->execute($values['2']) as $row)
					{
						$_SESSION['id'] = $row['id'];
						$_SESSION['email'] = $row['email'];
						$_SESSION['name'] = $row['nameFirst'];
					}

I am sure there is an easier way of doing this.

Thanks!

kduv · June 3, 2012, 9:39pm

I’m not really sure what you’re asking. That code looks fairly simple. In what way are you looking to simplify it?

kduv · June 3, 2012, 9:45pm

I guess you could do something like this, which will assign your $_SESSION variables based on your DB column names:


<?php
session_start(); 
foreach($y->execute($values['2']) as $row) 
{ 
    $_SESSION = array_merge($_SESSION, $row);
} 
?>

Cmarenburg · June 3, 2012, 9:50pm

Ohh i guess i had not finished my thought. I am an getting a " Invalid argument supplied for foreach()" when i try this code. which to me means a) data is not being pulled from the database, or b) there is something wrong with the foreach. This is really the first time i have played with foreach

Here’s the almost complete section of code( this is the code that i am not sure is not working)

$query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password';
				$y = $pdo->prepare($query['2']);
				$values['2'] = array('email' => $email, 'password' => $password);
				
				//header('Refresh: 3; url=../../index.php');
				session_start();
				foreach($y->execute($values['2']) as $row)
					{
						$_SESSION['id'] = $row['id'];
						$_SESSION['email'] = $row['email'];
						$_SESSION['name'] = $row['nameFirst'];
					}

kduv · June 3, 2012, 10:02pm

execute() doesn’t return an array. It returns TRUE/FALSE on success/failure. You have to call fetch() to get an array. Try this:


<?php
$query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password'; 
$y = $pdo->prepare($query['2']); 
$values['2'] = array('email' => $email, 'password' => $password); 
$y->execute($values['2']);

//header('Refresh: 3; url=../../index.php'); 
session_start(); 
while ($row = $y->fetch()) 
{ 
    $_SESSION['id'] = $row['id']; 
    $_SESSION['email'] = $row['email']; 
    $_SESSION['name'] = $row['nameFirst']; 
}
?>

Cmarenburg · June 3, 2012, 10:20pm

Thanks. But after trying that still no luck. So i am not sure.



$query['1'] = 'SELECT COUNT(*) FROM users WHERE `email` = :email AND `password` = :password';

$x = $pdo-&gt;prepare($query['1']);
$values['1'] = array('email' =&gt; $email, 'password' =&gt; $password);

if($res = $x-&gt;execute($values['1'])){
		if($x-&gt;fetchColumn() == 1){	
				$query['2'] = 'SELECT * FROM users WHERE email= :email AND password= :password'; 
				$y = $pdo-&gt;prepare($query['2']); 
				$values['2'] = array('email' =&gt; $email, 'password' =&gt; $password); 
				$y-&gt;execute($values['2']);

				//header('Refresh: 3; url=../../index.php'); 
				session_start(); 
				while ($row = $y-&gt;fetch()){ 
    				$_SESSION['id'] = $row['id']; 
    				$_SESSION['email'] = $row['email']; 
    				$_SESSION['name'] = $row['nameFirst']; 
				}
			echo "&lt;div class=\\"sucess\\"&gt;\
&lt;p&gt;You have been logged in as {$row['email']}. This page well redirect you to our home page in 5 seconds or less&lt;/p&gt;/n&lt;/div&gt;";
			echo "&lt;p&gt;{$row['id']}, {$row['email']}, {$row['nameFirst']}&lt;/p&gt;";
			
				}
			}

chris_upjohn · June 3, 2012, 11:18pm

The session_start() function always needs to be called before functions that can output white space which a PDO query would do, you should consider moving it to be directly after <?php

Cmarenburg · June 3, 2012, 11:44pm

So In therory this should work right?


&lt;?php
session_start();
require_once('../connect.php');
require_once('../functions.php');

 if(isset($_SESSION['id'])){
	echo 'You are allready logged in!';
}

else {
$email = clean($_POST['email']);
$rawPasswd = clean(hash('sha384',$_POST['password']));
$salt['0'] = 'salty';
$salt['1'] = 'salty';
$password = $salt['0']."".$rawPasswd."".$salt['1'];

$query['1'] = 'SELECT COUNT(*) FROM users WHERE `email` = :email AND `password` = :password';

$x = $pdo-&gt;prepare($query['1']);
$values['1'] = array('email' =&gt; $email, 'password' =&gt; $password);

if($res = $x-&gt;execute($values['1'])){
		if($x-&gt;fetchColumn() == 1){	
				$query['2'] = 'SELECT * FROM users WHERE `email` = :email AND `password` = :password';
				$y = $pdo-&gt;prepare($query['2']);
				$values['2'] = array('email' =&gt; $email, 'password' =&gt; $password);
				$y-&gt;execute($values['2']);

				//header('Refresh: 3; url=../../index.php');
				while ($row = $y-&gt;fetch()){
    				$_SESSION['id'] = $row['id'];
    				$_SESSION['email'] = $row['email'];
    				$_SESSION['name'] = $row['nameFirst'];
				}
			echo "&lt;div class=\\"sucess\\"&gt;\
&lt;p&gt;You have been logged in as {$row['email']}. This page well redirect you to our home page in 5 seconds or less&lt;/p&gt;/n&lt;/div&gt;";
			echo "&lt;p&gt;{$row['id']}, {$row['email']}, {$row['nameFirst']}&lt;/p&gt;";
			
				}
			}
			else{
				echo "&lt;p class=\\"loginError\\"&gt;Your email or Password was wrong, please try again!&lt;/p&gt;";
				require('../../views/forms/login.php');
			}
}