I am trying to write a login/session page for the first time in oop style. When I run the script below, the page redirects, but when i try to echo session id, it does nothing shows. Am I doing this the right way?
<?php
session_start();
require_once('classes/function.php');
require_once('classes/user.php');
class Session{
private $is_logged_in = FALSE;
private $id ;
Public $ user_data;
private $email ;
public function logout(){
session_start();
unset($_SESSION['id']);
unset($this->id);
session_destroy();
$is_logged_in = FALSE;
Misc::redirect('index.php');
}
public function is_logged_in(){
return $this->is_logged_in ;
}
public function login($email, $password){
global $user;
global $misc;
if($misc->check_form()){
echo $this->error;
}
if (!MIsc::check_email_format($email)) {
echo "Email format is invalid";
}
$login_user = $user->authenticate($email, $password);
if($login_user){
$_SESSION['id'] = $this->id = $this->user_data['id'];
$_SESSION['email'] = $this->email = $this->user_data['email'];
$is_logged_in = TRUE;
Misc::redirect('127.0.0.1/users/index.php');
}
}
}
$session = new Session;
?>
my login page looks like this
<?php
require_once('classes/user.php');
require_once('classes/session.php');
require_once('classes/function.php');
if(isset($_POST['submit'])){
try{
$email =$_POST['email'];
$password = $_POST['password'];
$user = new Users;
$user->authenticate($email , $password);
$login = new session;
$login->login($email , $password);
}
catch (Exception $e){
$error = new Errors();
echo "<b>".$error->displayError($e)."</b>";
}
}
?>
$user_data is gotten from these methods
public function user_exist($email){
global $db;
$stmt = $db->dbh->prepare("SELECT id, password, email FROM $this->table WHERE `email`= :email LIMIT 1");
$stmt->bindValue(':email', $email);
$stmt->execute();
if($stmt->rowCount() == 1) {
$this->user_data = $stmt->fetch();
return TRUE;
} else {
throw new Exception('User do not exist');
}
}
/*
what does this method do
*/
public function authenticate($email, $password){
global $db;
$auth = $this->user_exist($email);
if($auth) {
if(password_verify($password, $this->user_data['password'])) {
return $this->user_data;
} else {
throw new Exception('Email/Password combination incorrect');
}
}
}