I am trying to set some session data when my users login, so I can use the users Id and also other pieces of data:
the issue I find is now im using prepared statements if I select anything more and then the username in the select statement it fails.
$stmt = $conn->prepare("SELECT username, password FROM users WHERE username = ?");
$stmt->bind_param('s', $username);
If I include say id or email in the select it breaks.
I am also trying to get the user data form the database but if I try to bind data from the table to a session variable it dosn't pass it through.
if ($row = $stmt->fetch()) {
// Check if password matches
if (password_verify($_POST['upassword'], $password)) {
$_SESSION['username'] = $row['username'];
header('Location: ../index.php');
} else{
echo "Password is wrong!";
}
} else{
echo "Wrong username";
}
Im new to this way of coding so please be patient. I have started sessions in both this file and the destination file.
Error when adding more columns to select in the statment:
Warning: mysqli_stmt::bind_result(): Number of bind variables doesn't match number of fields in prepared statement in...
UPDATE
I am looking to retrieve the users details and set them to session variables so I can use them across the site once the user is logged in (providing the login is successful):
$stmt = $conn->prepare("SELECT id, email, username, password FROM users WHERE username = ?");
$stmt->bind_param('s', $username);
$username = $_POST['ulogin'];
$password = $_POST['upassword'];
$stmt->execute();
$stmt->bind_result($id, $email, $username, $password);
// Fetch & check user details
if ($row = $stmt->fetch()) {
// Check if password matches
if (password_verify($_POST['upassword'], $password)) {
// Set the session data here by getting the username, email, id etc..
header('Location: ../index.php');
} else{
echo "Password is wrong!";
}
} else{
echo "Wrong username";
}
$stmt->close();
$conn->close();