I have been expanding on this pre-built php login system. The first code block is a file called user.php and I believe its loaded when the user logs in. I've added to it, for example
For when I want to add extra columns to the database and echo it out.
'depot' and $_SESSION['depot'] = $row['depot'];
My problem is when I am building the profile page editing this data doesn't update unless the user logs out and logs back in.
What is a good way to fix this. Do I need to remove the additions I make to the user.php and create a new SELECT statment and array in profile.php. or can I somehow refresh the variables in user.php?
user.php
<?php
include('password.php');
class User extends Password{
private $_db;
function __construct($db){
parent::__construct();
$this->_db = $db;
}
private function get_user_hash($username){
try {
$stmt = $this->_db->prepare('SELECT password, username, firstname, lastname, phone, memberID, user_level, credit, email, depot FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
return $stmt->fetch();
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}
public function login($username,$password){
$row = $this->get_user_hash($username);
if($this->password_verify($password,$row['password']) == 1){
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $row['username'];
$_SESSION['firstname'] = $row['firstname'];
$_SESSION['lastname'] = $row['lastname'];
$_SESSION['phone'] = $row['phone'];
$_SESSION['memberID'] = $row['memberID'];
$_SESSION['user_level'] = $row['user_level'];
$_SESSION['credit'] = $row['credit'];
$_SESSION['email'] = $row['email'];
$_SESSION['depot'] = $row['depot'];
return true;
}
}
public function logout(){
session_destroy();
}
public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
}
}
}
?>
Example of profile.php
profile.php
<?php require('includes/config.php');
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
//define page title
$title = 'Profile Page';
//include header template
require('layout/header-active.php');
?>
<div id="Holder">
<div class="container">
<div class="row">
<div class="col-lg-6 col-lg-offset-3">
<h1> Account Information </h1>
<p>Username: <?php echo $_SESSION['username']; ?></p>
<p>First Name: <?php echo $_SESSION['firstname']; ?></p>
<p>Last Name: <?php echo $_SESSION['lastname']; ?></p>
<p>Phone: <?php echo $_SESSION['phone']; ?></p>
<p>Email: <?php echo $_SESSION['email']; ?></p>
<p>Member ID: <?php echo $_SESSION['memberID']; ?></p>
<hr>
<h3>Global Settings</h3>
<form class="" action="" method="post">
<div class="form-group">
<label>Depot:</label> <input type="text" name="depot" class="form-control" value="<?php echo $_SESSION['depot']; ?>" />
</div>
<input type="submit" name="submit" value="Submit" class="btn btn-primary">
</form>
<?php
include('connect-db.php');
if (isset($_POST['submit']))
{
$memberID = $_SESSION['memberID'];
$depot = $_POST['depot'];
mysqli_query($conn, "UPDATE members SET depot='$depot' WHERE memberID='$memberID'")
or die(mysqli_error());
header("Location: profile.php");
}
?>
<?php
//include header template
require('layout/footer.php');
?>