Member Avatar for sahilmohile15

Hello friends, I am having a confusion in my script please explain me what is it doing i don't know what it is i don't understand sessions very well, so please explain it

if (isset($_SESSION['SBUser'])) {
    $user_id =*** $_SESSION['SBUser']***;
    $query = $db->query("SELECT * FROM users WHERE id = '$user_id'");
    $user_data = mysqli_fetch_assoc($query);
    $fn =  explode(' ', $user_data['full_name']);
    $user_data['first'] = $fn['0'];
    $user_data['last'] = $fn['1'];

}

$_SESSION['SBUser']; please explain me what does it mean.

  • 3 Contributors
  • 2 Replies
  • 291 Views
  • 17 Hours Discussion Span
  • Latest Post Latest Post by madCoder
Member Avatar for AndrisP

$_SESSION['SBUser'] is session variable. You can set it if session is started see http://php.net/manual/en/book.session.php
and dont put PHP variables directly to the SQL query!

    $query = $db->query("SELECT * FROM users WHERE id = '$user_id'");

replace to

$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->bind_param('i', $user_id);
$stmt->execute();

http://php.net/manual/en/mysqli-stmt.bind-param.php

Edited by AndrisP
Member Avatar for madCoder

$_SESSION is a collection of values stored on the web server per visitor, per browser (ie, tied to the browser by a *cookie* that stores a unique *Session ID*.)

Values can be stored in $_SESSION for retrieval on the server in your PHP code in subsequent requests.

Your code snippet checks to see if the $_SESSION['SBUser'] has already been set. If so, retrieve user details from the database.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.