My Login Function which Returns the Value $FoundAcc
function Login($Username,$Password){
global $ConnectingDB;
$sql = "SELECT admin FROM admin WHERE admin=:admin
AND password=:password LIMIT 1";
$stmt = $ConnectingDB->prepare($sql);
$stmt->bindValue(':admin',$Username);
$stmt->bindValue(':password',$Password);
$stmt->execute();
$Result = $stmt->rowcount();
if ($Result==1){
return $FoundAcc=$stmt->fetch();
}else{
return null;
}
}
My PHP login page should save the fetched Row from my DB and save it in a Session Variable (UserID) but It doesn’t, It Does however save the (Username)variable from the Row… What is wrong?
if(isset($_POST["submit"])){
$Username=$_POST["username"];
$Password=$_POST["password"];
//if username/password are empty show error//
if(empty($Username)||empty($Password)){
$_SESSION["ErrorMessage"] = "All Fields Must Be Filled Out!";
Redirect_to("Login.php");
}else{
$FoundAcc=Login($Username,$Password);
// if account and pw found in DB complete following
if ($FoundAcc){
//save variables from DB row to session variables
$_SESSION["UserID"]=$FoundAcc["id"];
$_SESSION["Username"]=$FoundAcc["admin"];
//show toast
$_SESSION["SuccessMessage"] = $_SESSION["UserID"]." Has Successfully Logged In ";
Redirect_to("Login.php");
}else{
$_SESSION["ErrorMessage"] = "Incorrect Username or Password!";
Redirect_to("Login.php");
}
}
}
Advertisement
Answer
The sql query should be like this:
$sql = "SELECT * FROM admin WHERE admin=:admin AND password=:password LIMIT 1";