How to retrieve the id stored in a session?

I have a form that allows you to register and log in and a reservation form that allows you to choose a date and time. I would like to be able to retrieve the user id and in my ‘Bookings’ table in the ‘user_id’ field.

My Database looks like this :

My Database

And the form that fills my booking table :

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);

$mysqli = new mysqli('localhost', 'root', 'root', 'bookingcalendar');
if(isset($_GET['date'])){
    $date = $_GET['date'];
    $stmt = $mysqli->prepare("select * from bookings where date = ?");
    $stmt->bind_param('s', $date);
    $bookings = array();
    if($stmt->execute()){
        $result = $stmt->get_result();
        if($result->num_rows>0){
            while($row = $result->fetch_assoc()){
                $bookings[] = $row['timeslot'];
            }
            $stmt->close();
        }
    }
}

if(isset($_POST['submit'])){
    $name = $_POST['name'];
    $timeslot = $_POST['timeslot'];
    $adresse = $_POST['adresse'];
    $telephone = $_POST['telephone'];
    $ville = $_POST['ville'];
    $stmt = $mysqli->prepare("select * from bookings where date = ? AND timeslot = ?");
    $stmt->bind_param('ss', $date, $timeslot);
    if($stmt->execute()){
        $result = $stmt->get_result();
        if($result->num_rows>0){
            $msg = "<div class='alert alert-danger'>Cette horaire est déja réservé</div>";
        }else{
            $stmt = $mysqli->prepare("INSERT INTO bookings 
                            (name,user_id, timeslot, date, adresse, telephone,ville)
                    VALUES(?,?,?,?,?,?,?)");
            $stmt->bind_param('sDsssss', $name,$_SESSION['user_id'], $timeslot, 
                                        $date, $adresse, 
                                        $telephone, $ville);
            $stmt->execute();
            $msg = "<div class='alert alert-success'>*Merci d'avoir pris rendez-vous chez Génération Céline Coiff</div>";
            $bookings[]=$timeslot;
            $stmt->close();
            $mysqli->close();
        }
    }
}

​x
 
<?phperror_reporting(E_ALL);ini_set("display_errors", 1);​$mysqli = new mysqli('localhost', 'root', 'root', 'bookingcalendar');if(isset($_GET['date'])){    $date = $_GET['date'];    $stmt = $mysqli->prepare("select * from bookings where date = ?");    $stmt->bind_param('s', $date);    $bookings = array();    if($stmt->execute()){        $result = $stmt->get_result();        if($result->num_rows>0){            while($row = $result->fetch_assoc()){                $bookings[] = $row['timeslot'];            }            $stmt->close();        }    }}​if(isset($_POST['submit'])){    $name = $_POST['name'];    $timeslot = $_POST['timeslot'];    $adresse = $_POST['adresse'];    $telephone = $_POST['telephone'];    $ville = $_POST['ville'];    $stmt = $mysqli->prepare("select * from bookings where date = ? AND timeslot = ?");    $stmt->bind_param('ss', $date, $timeslot);    if($stmt->execute()){        $result = $stmt->get_result();        if($result->num_rows>0){            $msg = "<div class='alert alert-danger'>Cette horaire est déja réservé</div>";        }else{            $stmt = $mysqli->prepare("INSERT INTO bookings                             (name,user_id, timeslot, date, adresse, telephone,ville)                    VALUES(?,?,?,?,?,?,?)");            $stmt->bind_param('sDsssss', $name,$_SESSION['user_id'], $timeslot,                                         $date, $adresse,                                         $telephone, $ville);            $stmt->execute();            $msg = "<div class='alert alert-success'>*Merci d'avoir pris rendez-vous chez Génération Céline Coiff</div>";            $bookings[]=$timeslot;            $stmt->close();            $mysqli->close();        }    }}​

In my ‘member’ table the id is stored like this:

<?php
session_start();
 
$bdd = new PDO('mysql:host=127.0.0.1;dbname=bookingcalendar', 'root', 'root');
 
if(isset($_POST['formconnexion'])) {
   $mailconnect = htmlspecialchars($_POST['mailconnect']);
   $mdpconnect = sha1($_POST['mdpconnect']); 
   if(!empty($mailconnect) AND !empty($mdpconnect)) {
      $requser = $bdd->prepare("SELECT * FROM membres WHERE mail = ? AND motdepasse = ?");
      $requser->execute(array($mailconnect, $mdpconnect));
      $userexist = $requser->rowCount();
      if($userexist == 1) {
         $userinfo = $requser->fetch();
         $_SESSION['user_id'] = $userinfo['user_id'];
         $_SESSION['pseudo'] = $userinfo['pseudo'];
         $_SESSION['mail'] = $userinfo['mail'];
         header("Location: index.php");

 
<?phpsession_start(); $bdd = new PDO('mysql:host=127.0.0.1;dbname=bookingcalendar', 'root', 'root'); if(isset($_POST['formconnexion'])) {   $mailconnect = htmlspecialchars($_POST['mailconnect']);   $mdpconnect = sha1($_POST['mdpconnect']);    if(!empty($mailconnect) AND !empty($mdpconnect)) {      $requser = $bdd->prepare("SELECT * FROM membres WHERE mail = ? AND motdepasse = ?");      $requser->execute(array($mailconnect, $mdpconnect));      $userexist = $requser->rowCount();      if($userexist == 1) {         $userinfo = $requser->fetch();         $_SESSION['user_id'] = $userinfo['user_id'];         $_SESSION['pseudo'] = $userinfo['pseudo'];         $_SESSION['mail'] = $userinfo['mail'];         header("Location: index.php");​

Answer

you’ve not written code to add user id, then it’s not gonna enter in db automagically.

First of all start session with this session_start();

Then change your code like following:

 $stmt = $mysqli->prepare
       ("INSERT INTO bookings (name, user_id, timeslot, date, adresse, telephone,ville)
        VALUES(?,?,?,?,?,?,?)");
 $stmt->bind_param('sdsssss', $name, $_SESSION['user_id'], $timeslot, $date, $adresse, $telephone, $ville);

 
 $stmt = $mysqli->prepare       ("INSERT INTO bookings (name, user_id, timeslot, date, adresse, telephone,ville)        VALUES(?,?,?,?,?,?,?)"); $stmt->bind_param('sdsssss', $name, $_SESSION['user_id'], $timeslot, $date, $adresse, $telephone, $ville);​

Here in insert query I’ve added user_id field and given it’s value in bind statement.

Advertisement

Answer