0

I´m very new to PHP. Im trying to send username and email as $_SESSION to index.php. I have tried resetting the pointer with mysql_data_seek($result,0); and then use mysql_fetch... Thanks in advance for your help.

$query = "SELECT * FROM `users` WHERE username='$username' and password='".md5($password)."'";
    $result = mysqli_query($con,$query) or die(mysql_error());
    $rows = mysqli_num_rows($result);
    if($rows==1){

        $_SESSION['email'] ="emailcolumn in $result"; //<---- How to set this?
        $_SESSION['username'] = $username;
        header("Location: index.php"); // Redirect user to index.php
        }else{
Thomas
  • 27
  • 1
  • at the beginig at session_start() – Masivuye Cokile Jun 23 '17 at 09:45
  • You are also mixing the APIs – Masivuye Cokile Jun 23 '17 at 09:47
  • 3
    **Never store passwords hashed by md5!** PHP provides [`password_hash()`](https://php.net/manual/en/function.password-hash.php) and [`password_verify()`](https://php.net/manual/en/function.password-verify.php) please use them. If you are using a PHP version prior to 5.5 [there is a compatibility pack available here](https://github.com/ircmaxell/password_compat). Make sure you [**don't escape passwords**](https://stackoverflow.com/q/36628418/5914775) or use any other cleansing mechanism on them before hashing. Doing so changes the password and causes unnecessary additional coding. – Tom Udding Jun 23 '17 at 09:51

3 Answers3

7
$result= mysqli_fetch_assoc($result); //make the result an associative array
 $_SESSION['email'] = $result['email_column']; <--This is how we extract value from an associative array

Make sure you start the session at the top of your script (session_start()) Thanks to @Mayank for pointing this out

Shobi
  • 7,145
  • 3
  • 34
  • 57
0

Put session_start() at the first line of the code and than set session like:

$_SESSION['email']
Mayank Pandeyz
  • 23,243
  • 3
  • 29
  • 52
0

Use mysqli_fetch_assoc($result) to get data

$query = "SELECT * FROM `users` WHERE username='$username' and password='".md5($password)."'";
$result = mysqli_query($con,$query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if($rows==1){

    $data = mysqli_fetch_assoc($result);
    $_SESSION['email'] = $data['your_column_name']; 

    $_SESSION['username'] = $username;
    header("Location: index.php"); // Redirect user to index.php
    }else{
Skyd
  • 509
  • 3
  • 18