Display user ID in URL in PHP

0

Hello, I'm trying to get the user ID displayed in the url when it logs in. I made a function that receives the login and password of the user and returns the ID. But when the user logs in, the ID that shows in the URL is always '0'. Regardless of which users log in.

index.php

    <form method="POST" action="conteudo.php" name="logar">
        <fieldset>
            <label>
                <input type="text" name="usuario" placeholder="LOGIN"/>
            </label>
            <br><br>
            <label>
                <input type="password" name="pass" placeholder="SENHA"/>
            </label><br><br>
            <input type="submit" name="enviar" value="ACESSAR"/>
            <input type="submit" name="cadastrar" value="CADASTRAR"/>
        </fieldset>
    </form>

content.php

if($_POST['enviar']){
    $login = $_POST['usuario'];
    $senha = sha1($_POST['pass']);

    if(verificaUsuario($conexao,$login,$senha)){
        $id = pegandoID($conexao,$login,$senha);
        header("Location: principal.php?id={$id}");PASSANDO ID PARA URL AQUI

    }elseif(!verificaUsuario($conexao,$login,$senha)){
        header("Location:index1.php?erro=#");
    }
}elseif($_POST['cadastrar']){
        header("Location: cadastro.php");
}

banco.php

include "config/config.php";

try{
    $conexao = new PDO("mysql:host={$servidor};port=3306;dbname={$banco}",$usuario,$senha);
}catch(PDOException $error){
    echo "Erro: " . $error->getMessage() . "<br>";
    die();
}function pegandoID($conexao,$login,$senha){
    $sql = $conexao->exec("SELECT id FROM usuarios WHERE login='$login' AND senha='$senha'");
    return $sql;}
    
asked by anonymous 16.08.2017 / 16:35

1 answer

0

Try this out

include "config/config.php";

try{
    $conexao = new PDO("mysql:host={$servidor};port=3306;dbname={$banco}",$usuario,$senha);
}catch(PDOException $error){
    echo "Erro: " . $error->getMessage() . "<br>";
    die();
}

function pegandoID($conexao,$login,$senha){
    $sql = $conexao->query("SELECT id FROM usuarios WHERE login='$login' AND senha='$senha'")->fetch(PDO::FETCH_ASSOC);
    /*Aqui retorna um array, e sabemos que será apenas uma linha.
      Então trata ele e retorna so o id que você precisa.*/
    return $sql['id'];
}

Suggestion:

-> sha1 - You'd better use crypt () , it's safer , I'd risk it until you could not roll a decrypt into it.

-> config / config.php - Try not to leave variables with bank config in php, you could have a file reference only to fetch these values, like an xml, or using the lib qo laravel uses phpdotenv

    
16.08.2017 / 19:45