The login system is working fine, but this should get the first_name, last_name and email from the user that are logged in and print out on the profile.php, but it's getting the first_name, last_name, email from the first record that are in my table. What's wrong?
login.php:
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST'){
$username = trim($_POST['username']);
try{
$Query = "SELECT * FROM users WHERE username = :username";
$statement = $conn->prepare($Query);
$statement->bindValue(':username', $username);
$statement->execute();
$user = $statement->fetch(PDO::FETCH_ASSOC);
$RowCount = $statement->rowCount();
} catch (PDOerrorInfo $e){}
if( $RowCount == 0 ){
// User doesn't exist
$_SESSION['message'] = "Don't exist a user with this e-mail!";
header("location: error.php");
} else{ // User exists
if( password_verify($_POST['password'], $user['password'])){
$_SESSION['email'] = $user['email'];
$_SESSION['first_name'] = $user['first_name'];
$_SESSION['last_name'] = $user['last_name'];
$_SESSION['username'] = $user['username'];
$_SESSION['logged_in'] = true;
header("location: profile.php");
} else {
$_SESSION['message'] = "Wrong password!";
header("location: error.php");
}
}
}
profile.php:
<?php
session_start();
if ( $_SESSION['logged_in'] != 1 ) {
$_SESSION['message'] = "You need to be logged in to view this page!";
header("location: error.php");
}
else {
$first_name = $_SESSION['first_name'];
$last_name = $_SESSION['last_name'];
$email = $_SESSION['email'];
}
?>
<!DOCTYPE html>
<html >
<head>
<meta charset="UTF-8">
<title>Welcome <?= $first_name.' '.$last_name ?></title>
<?php include 'css/css.html'; ?>
</head>
<body>
<div class="form">
<h1>Welcome</h1>
<h2><?php echo $first_name.' '.$last_name; ?></h2>
<p><?= $email ?></p>
<a href="logout.php"><button class="button button-block" name="logout"/>Log Out</button></a>
</div>
<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
<script src="js/index.js"></script>
</body>
</html>
Aucun commentaire:
Enregistrer un commentaire