I have the following code but in place of the user name it appears GUEST_NAME
, even after logged in.
I already checked if I'm using the correct table and I used session_start()
;
MEMBERPAGE.PHP (where GUEST_NAME
appears):
<?php require('inc/config.php');
print_r($_SESSION);
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
?>
<h2>Member:
<?php echo $_SESSION ['username'] ?></h2>
This is the result of: print_r($_SESSION);
:
Array ( [last_log] => 1416320535
[token] => ca6135136e3fa541d17b31af4ec66e1be05e187f
[user] => 1
[username] => GUEST_NAME
[url] => /tvfootball2k15/en/members/main.php
[loggedin] => > 1 )
INC / CONFIG.PHP
<?php
ob_start();
session_start();
//set timezone
date_default_timezone_set('Europe/London');
//database credentials
define('DBHOST','localhost');
define('DBUSER','root');
define('DBPASS','');
define('DBNAME','mydb');
//application address
define('DIR','http://domain.com/');
define('SITEEMAIL','[email protected]');
try {
//create PDO connection
$db = new PDO("mysql:host=".DBHOST.";dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
//show error
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
exit;
}
//include the user class, pass in the database connection
include('classes/user.php');
$user = new User($db);
?>
CLASSES / USER.PHP
<?php
include('password.php');
class User extends Password{
private $_db;
function __construct($db){
parent::__construct();
$this->_db = $db;
}
private function get_user_hash($username){
try {
$stmt = $this->_db->prepare('SELECT password FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
$row = $stmt->fetch();
return $row['password'];
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}
public function login($username,$password){
$hashed = $this->get_user_hash($username);
if($this->password_verify($password,$hashed) == 1){
$_SESSION['loggedin'] = true;
return true;
}
}
public function logout(){
session_destroy();
}
public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
}
}
}
?>
Why does GUEST_NAME
still appear? How to return the username
of the logged in user?