João Gonçalves João Gonçalves - 14 days ago 5
PHP Question

How can i update session variable without re-login?

I have this code in all the pages of my web to display the username.

<p>Welcome <?php echo $_SESSION['username']; ?>!</p>


And i allow users to update their username, but when they update it. It won´t update the session variable, the user have to re-login to see the changes.
There is any way to update it without re-login?

Here is the code I´m using to update

<?php
include_once 'db_connect.php';
include_once 'functions.php';

sec_session_start();
echo $_SESSION['username'];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Secure Login: Protected Page</title>
<link rel="stylesheet" href="styles/main.css" />
</head>
<body>
<?php if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($_SESSION['username']); ?>!</p>
<a href="logout.php">Log out</a>

<?php
mysql_connect("localhost","root");
mysql_select_db("userdata");
$sql_query="SELECT * FROM users";
$result_set=mysql_query($sql_query);
?>

<?php

if(isset($_GET['user_id']))

{

$result_set=mysql_query($sql_query);
$fetched_row=mysql_fetch_array($result_set);
}
if(isset($_POST['btn-update']))
{
// variables for input data
$username = $_POST['username'];
$email = $_POST['email'];
$user_id = $_SESSION['user_id'];
// variables for input data

// sql query for update data into database
$sql_query = "UPDATE users SET username='$username',email='$email' WHERE id= '$user_id'";
// sql query for update data into database

// sql query execution function
if(mysql_query($sql_query))
{
?>
<script type="text/javascript">
alert('Data Are Updated Successfully');
window.location.href='publish_page.php';
</script>
<?php
}
else
{
?>
<script type="text/javascript">
alert('error occured while updating data');
</script>
<?php
}
// sql query execution function
}
if(isset($_POST['btn-cancel']))
{
header("Location: publish_page.php");
}
?>

<center>

<div id="header">
<div id="content">
<label>PHP PHP Update Data From MySql - By Cleartuts</label>
</div>
</div>
<div id="body">
<div id="content">
<form method="post">
<table align="center">
<tr>
<td><input type="text" name="username" placeholder="username" value="<?php echo $_SESSION['username'];?>" required /></td>
</tr>
<tr>
<td><input type="text" name="email" placeholder="email" value="<?php echo $_SESSION['email'];?>" required /></td>
</tr>
<tr>
<td>
<button type="submit" name="btn-update"><strong>UPDATE</strong></button>
<button type="submit" name="btn-cancel"><strong>Cancel</strong></button>
</td>
</tr>
</table>
</form>
</div>
</div>

<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login</a>.
</p>
<?php endif; ?>
</body>
</html>


I already tried to delete cache and didn´t solve. Any ideas how i can update it automatically?

Answer

Simple fix: this should work from when you update the name again

if(mysql_query($sql_query))
     {
     $_SESSION['username']=$username
      ?>
      <script type="text/javascript">
      alert('Data Are Updated Successfully');
      window.location.href='publish_page.php';
      </script>
      <?php
     }

in other issues read up on prepared statements and sql injection you are vulnerable also check xss protection your username the above code doesn't have the security updates required it has just the answer to your problem.

mysql is deprecated so you have a lot of catching up to do