assigning a variable to $_SESSion. when I echo that session its shows the one character example

$name="abcd"; this echo result is abcd. $_SESSION['abcd'] = $name; this echo result is 'a' char only

 <?php
include("dbConnect.php");
if (isset($_POST['username'])) {
    $name = $_POST['username'];
    $_SESSION = $name;
}
if (isset($_POST['password'])) {
    $password = $_POST['password'];
    $_SESSION = $password;
}

try { 

    $conn = connect(); 

    $sql="SELECT id,employee_name,email,phone,password,image,created_on FROM handel WHERE employee_name = '$name' AND password = '$password' ";
    $result=mysqli_query($conn,$sql);

    close($conn);

} catch (Exception $e) { 
    //echo $e->errorMessage(); 
    close($conn);
    errorPage();
}
    // Associative array
    $data = mysqli_fetch_array($result,MYSQLI_ASSOC);
    print_r($data);
    echo $operatorId = $data['id'];
    echo $_SESSION['employee_name'] = $data['employee_name'];
    $_SESSION['email'] = $data['email'];
    $_SESSION['phone'] = $data['phone'];
    $_SESSION['password']=$data['password'];
    $_SESSION['image']=$data['image'];
    $_SESSION['created_on']=$data['created_on'];
 ?>

$name="abcd"; this echo result is abcd. $_SESSION['abcd'] = $name; this echo result also show 'abcd'

1 Answers

2
Shudhansh Shekhar On Best Solutions

You have several serious problems with your written code and the result you are expecting.

$_SESSION = $name;

This is complete novice effort. $_SESSION is supposed to be an array. Always assign a session key for any value while setting session anywhere. You are assigning it directly a string $name. Hence it becomes a string. Again you are printing $_SESSION, So, obviously, it will return a, as it is a string now. You should provide a key for your name and password like:

$_SESSION['any_key1'] = $data['name'];
$_SESSION['any_key2'] = $data['password'];

You are also vulnerable to several SQL exploitations. Please do grasp some more PHP knowledge before implying this code practically anywhere. Also a good point as mentioned by @Magnus, using password as session is not a recommended approach. You must re-think over your code.