How to post non-post data into session when user logs in

When my users log into the website their first name, last name an开发者_开发问答d ID are missing from the session data because my session data is coded to take post data and submit into the session table in my database.

Because user logs in with email and password in my session data only email appears and nothing else does.

How can I make first name, last name and id appear in my session table in my db? I want to some how grab these details from the database when user is logging in and provide it in my $u_data array so it get's posted upload login success.

Here is my code:

<?php
class Login_Model extends CI_Model {


    public function checkLogin() {

            $this->db->where('email', $this->input->post('email')); //compare db email to email entered in form
            $this->db->where('password', $this->hashed()); //compare db password to hashed user password
            $query = $this->db->get('users'); //get the above info from 'user' table

            if ($query->num_rows() == 1) { //if number of rows returned is 1

            $u_data = array( //new variable with session data
                'user_id' => $this->db->insert_id(),
                'email' => $this->input->post('email'),
                'first_name' => $this->input->post('first_name'),
                'last_name' => $this->input->post('last_name'),
                'logged_in' => TRUE
            );

            $this->session->set_userdata($u_data); //send data from variable to db session
            return TRUE;

       } else {
            return FALSE;
       }
 }


   public function hashed() { //hashing method

            // sha1 and salt password
            $password = $this->encrypt->sha1($this->input->post('password')); //encrypt user password
            $salt = $this->config->item('encryption_key'); //grab static salt from config file

            $start_hash = sha1($salt . $password);
            $end_hash = sha1($password . $salt);
            $hashed = sha1($start_hash . $password . $end_hash);
            return $hashed;
}

}

If you're tracking sessions in your DB, two solutions come to mind.

First, you could select the first/last from the user table and insert it into the session table. This requires changes to your application.

Second, you could set up a view for your application, in which the session table is automatically joined with the appropriate user, but that assumes you already have some unique identifier for which user it is in the session (was that the email address?*). This solution would not require any changes to the application code, but would require changes to the DB, which may be the preferred method depending upon your deployment requirements (or it may not :) ).

* as a side note, if you're using email addresses for unique identifiers, be aware that some people share email addresses as you decide if this is the right solution for you.

It'd be as simple as doing something like:

session_start();
$_SESSION['userdata'] = $u_data;

within your CheckLogin method. The session is just a regular PHP array that happens to be automatically preserved for you. You can put anything you want into it, but you do have do put things into it yourself - PHP won't do it for you.

comment followup:

gotcha. So, you simply modify you class to fetch that information from the DB once the login's authenticated. I don't know how your DB class works, but instead of merely checking if there's a matching row, fetch the first/last name, using a query something like this:

select firstname, lastname
from users
where email=$email and password=$password

If you get a result row, you know it's a valid login, and then you just retrieve the name data. I have no idea how your db class works, but it shouldn't be too hard to get it to do that.

When I'm working with Auth systems in CodeIgniter I have made it a practice to include the "user" object globally in views, and also globally in my controllers, by fetching the userdata in the constructor, like so...

<?php

class My_Controller extends Controller {

    private $the_user;  //global var to store current user data

    function My_Controller() {
        parent::Controller();

        $data->the_user = $this->ion_auth->get_user();       //get user data
        $this->load->vars($data);                  //load into all views as $the_user "$the_user"
        $this->the_user=$data->the_user;         //load into private class variable "$this->the_user"
    }

At that point $the_user variable object is available in all views by default AND $this->the_user is always available to controller functions. It always represents the user currently logged in.

I am using Ion_auth for authentication and fetching the user, so that piece you would have to fill in.

I actually just constructed a "How-to" to implement extended Controller classes so all the Auth logic is automatically inherited to all "protected" Controllers.

The following solved this issue for me. I looked at one of my old questions on here and used my common sense.

I made this edit to my code.

if ($query->num_rows() == 1) { //if number of rows returned is 1

      $user = $query->result();

                $u_data = array( //new variable with session data
                    'user_id' => $user[0]->id,
                    'email' => $this->input->post('email'),
                    'first_name' => $user[0]->first_name,
                    'last_name' => $user[0]->last_name,
                    'logged_in' => TRUE
                );