php session variables inside a function

Question

I am trying to have my function return both the username and the roleid. Here is the code that i have for this task:

session_start();
if($_SESSION['LoggedIn']){
$username = $_SESSION['username'];
function getUserRole($username, $roleid){
    $con = dbConnect();
    $query = "select * from user inner join userrole on user.id = userrole.userid inner join role on role.id = userrole.roleid where username = :username and roleid = :roleid";
    $sql = $con->prepare($query);
    $sql->bindValue(':username', $username);
    $sql->bindValue(':roleid', $roleid);
    $sql->execute();
    $row = $sql->fetch();
    $username = $row['username'];
    $roleid = $row['roleid'];

    if($row > 0){
        return  $username . $roleid;
    } else {
        return false;
    }
}

print getUserRole($username, $roleid);
}

I have three tables that look like this:

mysql> select * from role;
+---------------+----------------------------------+
| id            | description                      |
+---------------+----------------------------------+
| administrator | add, remove and edit manuscripts |
| reviewer      | review manuscripts               |
| site user     | read manuscripts                 |
+---------------+----------------------------------+
3 rows in set (0.00 sec)

mysql> select * from userrole;
+--------+---------------+
| userid | roleid        |
+--------+---------------+
|      1 | administrator |
|      2 | revinothingewer      |
|      3 | other         |
+--------+---------------+
3 rows in set (0.01 sec)

mysql> select * from user;
+----+----------+----------------------------------+
| id | username | password                         |
+----+----------+----------------------------------+
|  1 | kamau    | 80ce10e582e13ec085f13409c3add5a4 |
|  2 | admin    | db43b86da58631629adada27f1db5841 |
|  3 | amaina   | 7fc961ec5b6b5d51d2445e97775bfc0d |
+----+----------+----------------------------------+

The roleid value is derived from the following script:

$query = "select * from user inner join userrole on user.id = userrole.userid inner join role on role.id = userrole.roleid";
    $sql = $con->prepare($query);
    $sql->execute();
    $row = $sql->setFetchMode(PDO::FETCH_ASSOC);
    while ($row = $sql->fetch()){ 
    $roleid = $row ['roleid'];
    }

My question is why is var_dump (getUserRole($username,$roleid)) returning false?

`var_dump(getUserRole($username, $roleid));` still "nothing"?! — Rizier123, May 31 '16 at 10:51
Are there any errors? Have you turned on error logging? [See how to do that here](http://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display) — Henders, May 31 '16 at 10:53
Is this all your code? Where are `$username` and `$roleid` defined? — Incredibly HandSome Samuel, May 31 '16 at 10:53
Printing `false` will result in empty string. Use `var_dump` for that. — Justinas, May 31 '16 at 10:54
Looks like `$row` is not greater than 0 if it's returning false. Seems to be working as designed, right? — Henders, May 31 '16 at 10:58
@SuperCoolHandsomeGelBoy This is just a snippet. $username is defined above this code as $username = $_SESSION['username'] $roleid is not defined. — Maina Mailu, May 31 '16 at 10:59
@MainaMailu if your question refers to sessions but you decide not to show us that vital detail. How do you expect us to help if you only show us half a problem? — Martin, May 31 '16 at 11:00
Your title showed session variables and in the detail there is nothing..how can the solution be retrieved? — Megan Fox, May 31 '16 at 11:01
You still have not specified what `roleid` is and so yor function is stll failing,. please use PHP error logging as a matter of urgency. It will tell you exactly why your code is failing. — Martin, May 31 '16 at 11:10
@RahulDasGupta see the edited question above. $roleid now has a value but still returning false — Maina Mailu, May 31 '16 at 12:13
print getUserRole($username, $roleid); where you declaring $roleid variable. — Kaja Mydeen, May 31 '16 at 12:16

score 2 · Accepted Answer · answered May 31 '16 at 13:07

2

why is var_dump (getUserRole($username,$roleid)) returning false? Because

if($row > 0){

Every time this condition going to false part so only. If you want get username and roleid. You have to do following steps. 1. You know username.

$username = $_SESSION['username'];

2. You need to know roleid. So get roleid value by using following code.

$con = dbConnect();
$query = "SELECT roleid FROM user JOIN userrole ON user.id = userrole.userid WHERE user.username = :username";
$sql = $con->prepare($query);
$sql->bindValue(':username', $username, PDO::PARAM_STR);
$sql->execute();
$row = $sql->fetch();
$roleid = $row['roleid'];

Thats it. Now you know username value and roleid value. Keep it simple buddy. Cheers.

answered May 31 '16 at 13:07

Kaja Mydeen

569
7
13

fyi, `$sql->execute(array('username' => $username));` and don't bother with the `bindValue`. Note: the leading colon is not required on the placeholder name in the `bindValue`. imo, only use `bindValue if accessing `blobs`. Good answer by the way. – Ryan Vincent May 31 '16 at 13:15
Thank you. @RyanVincent. – Kaja Mydeen May 31 '16 at 13:25
Perfect @kaja Mydeen. This is the answer that i was looking for. Simple is best – Maina Mailu May 31 '16 at 13:26

score 1 · Answer 2 · edited May 23 '17 at 11:52

...

After Question Editing 1 By OP

What is the value of $roleid? You have at this point still not set what the value of roleid plugged into the function is so the function is not running and PHP is returning an error (which you are failing to detect).

After Further Question Editing By OP

You need to think about your logic and think about what you are actually doing. You seem like you're trying to run before you can walk.

The function getUserRole takes two parameters, you only pass one non-null parameter, so the value of $roleid within the function will always be null.

Your SQL:

"SELECT * FROM user INNER JOIN userrole ON user.id = userrole.userid 
INNER JOIN role on role.id = userrole.roleid WHERE username = :username
 AND roleid = :roleid"

Read this query, actually read it and establish what it is doing. You are looking for values from the tables where username = <value> and roleid = <value>, but the value of roleid is null because nothing has been passed to the function from the page script.

So you are looking for username value where there is a NULL roleid value, and your tables show that every roleid value is populated so that will always only ever return nothing values.

Also, because you're using INNER JOIN it means if any part of the query returns nothing, the query as a whole will return nothing, so this is why you're getting no response.

This is the principle reason why your SQL is returning false

You need to also fix your definitions, as you are referencing more than one table, each table column should be referenced as <table_name>.<column_name> such as

   user.id = userrole.userid

Throughout your SQL query.

How To Fix it:

Several options:

Use LEFT JOIN instead of INNER JOIN.
Set the value of roleid as being not-null in the function or the page call to the function.
remove roleid from the function parameters and instead derive the value from a separate SQL query at the start of the function.

The choice is yours. Please read what you're actually requesting the Database to do, to understand why it doesn't do it. Also employ error logging for helpful feedback!

Useful Links:

@MainaMailu I have updated my answer to explain to you what your problem is. Pleas let me know if this solves it or if there's other isses. Cheers — Martin, May 31 '16 at 12:12
See edited question for value of $roleid. var_dump still returning false. — Maina Mailu, May 31 '16 at 12:14
Please read my answer fully. Your edited question still does not pass a value for `$roleid` *into* the function. @MainaMailu — Martin, May 31 '16 at 12:17

php session variables inside a function

2 Answers2

How To Fix it: