I've been trying to troubleshoot a problem I have but I've had no luck so far.
I have a profile page that echoes the user's first and last name. This function works when users first register. The problem is, however, that when the user logs out (ending session) and logs back in and goes back to his/her profile page, the first and last names do not show, leaving instead blanks.
To better clarify consider the pathways:
1.User registers -> profile displays first and last name 2.User logs in -> profile does not display first and last name
Here are the codes pertaining to this issue (I already have session_start() at the top of each page I have; also, my variables, reg form and login form are under one php enclosure):
Variables:
<?php
error_reporting(E_ALL ^ E_NOTICE);
$reg = $_POST['reg'];
//initializing registration variables to prevent errors
$fn = ""; //first name
$ln = ""; //last name
$em = ""; //email
$em2 = ""; //email 2
$pass = ""; //password
$bday = ""; //birthday
$sud = ""; //sign up date
$em_check =""; //check if email exists
//registration variables + form
$fn = mysqli_real_escape_string($con, $_POST['first_name']);
$ln = mysqli_real_escape_string($con, $_POST['last_name']);
$em = mysqli_real_escape_string($con, $_POST['email']);
$em2 = mysqli_real_escape_string($con, $_POST['email2']);
$pass = mysqli_real_escape_string($con, $_POST['password']);
$bday = date("Y");
$sud = date("Y-m-d H:i:s"); // Year - Month - Day
Registration Form:
if(isset($_POST['reg'])) {
if($em==$em2) {
//check if email already exists
$emSQLI = "SELECT email FROM `users` WHERE email='$em'";
$em_check = mysqli_query($con, $emSQLI); //checks whether both entered emails are identical
$check = mysqli_num_rows($em_check); //count the amount of rows where email = $em
if ($check == 0) {
//check if all fields have been filled
if($fn && $ln && $em && $em2 && $pass && $bday) {
//check the maximum length of relevant fields
if(strlen($fn)>90||strlen($ln)>90) {
echo "Maximum limit for first/last names is 90 characters.";
}
else{
if (strlen($pass)<6||strlen($pass)>99) {
echo "Password must be between 6 and 99 characters long.";
}
else {
$pass = md5($pass);
$regSQLI = "INSERT INTO users (id, email, birth_date, first_name, last_name, password, sign_up_date, activated) VALUES ('','$em','$bday','$fn','$ln','$pass','$sud','0')";
$regQuery = mysqli_query($con, $regSQLI);
//variables that will be passed over from the register fields to forthcoming sessions
$_SESSION["email_login"] = $em;
$_SESSION["first_name"] = $fn;
$_SESSION["last_name"] = $ln;
}
}
header("location: profile.php");
exit();
}
else {
echo '<div id="regerrormsg">Please fill in all required fields. </div>';
}
}
else {
echo '<div id="regerrormsg"> Email is already registered. </div>';
}
}
else {
echo '<div id="regerrormsg">Entered emails do not match. </div>';
}
}
Log In Form:
if(isset($_POST['email_login']) && isset($_POST['pass_login'])) {
$email_login = mysqli_real_escape_string($con, $_POST['email_login']);
$pass_login = mysqli_real_escape_string($con, $_POST['pass_login']);
$pass_login = md5($pass_login);
$logquery = "SELECT id FROM users WHERE email='$email_login' AND password='$pass_login' LIMIT 1";
$sqli = mysqli_query($con, $logquery);
$userCount = mysqli_num_rows($sqli); // Count number of rows returned
// checks the database for respective items
if ($userCount == 1) { //if the search finds a matching record of the login input form
while( $row = mysqli_fetch_assoc($sqli)) { // use fetch_assoc
$id = $row["id"];
}
$_SESSION["email_login"] = $email_login;
$_SESSION["first_name"] = $fn;
$_SESSION["last_name"] = $ln;
header("location: home.php");
exit();
}
else {
echo '<div id="regerrormsg">Login information is invalid. </div>';
}
}
And finally, the profile page that displays the names:
<?php
session_start();
include ( "./inc/connect.inc.php");
if(!isset($_SESSION["email_login"])) {
header("location: index.php");
exit();
}
else {
}
?>
<?php
echo "Delighted to have you here, " .$_SESSION["first_name"]." ".$_SESSION["last_name"].".";
?>
I am stuck and would like help in troubleshooting this, thank you!
EDIT: Here are the html codes:
Login Form:
<form action="index.php" method="POST">
<input type="email" name="email_login" size="60" placeholder="Email" /><br /><br /><br />
<input type="password" name="pass_login" size="60" placeholder="Password" /><br /><br /><br />
<input type="submit" name="login" id="login" value="LOG IN">
</form>
Register Form:
<form action="index.php" method="POST">
<input type="text" name="first_name" size="15" placeholder="First name" /><br /><br /><br />
<input type="text" name="last_name" size="15" placeholder="Last name" /><br /><br /><br />
<input type="email" name="email" size="15" placeholder="Email" /><br /><br /><br />
<input type="email" name="email2" size="25" placeholder="Re-enter email" /><br /><br /><br />
<input type="password" name="password" size="15" placeholder="New password" /><br /><br /><br />
<p5>Birthyear</p5><br />
<div id="date1" class="datefield">
<input id="birth_year" type="tel" name="birth_year" maxlength="4" placeholder="YYYY" />
</div>
<input type="submit" name="reg" value="Sign Up"><br />
</form>