Undefined Property

[Kev0121]

I'm getting Notice: Undefined property: session::$user_id in C:\wamp\www\blog\session.php on line 19 that error when logging in, heres my session and log script

SESSION :

PHP Code:

<?php

class session {
    
    private $logged_in = false;
    public $user_id;

    function __construct() {
        session_start();
        $this->check_login();
    }

    public function is_logged_in() {
        return $this->logged_in;
    }

    public function login($user) {
        if($user) {
            $this->user_id = $_SESSION['user_id'] = $this->user_id;
            $this->logged_in = true;
        }
    }

    private function check_login() {
        if(isset($_SESSION['user_id'])) {
            $this->user_id = $_SESSION['user_id'];
            $this->logged_in = true;
        } else {
            unset($this->user_id);
            $this->logged_in = false;
        }
    }

}

$session = new Session();

?>

LOGIN :

PHP Code:

<?php
if(isset($_COOKIE['logged_in'])) {
    header('Location: usercp.php');
}
?>
<html>
    <head>
        <title>Login.</title>
    </head>
<body>
<div id="log_form" align="center">
<form name="login" method="post" action="">
    <table>
        <tr>
            <td>Username: </td>
            <td> <input type="text" name="log_user" /> </td>
        </tr>

        <tr>
            <td>Password: </td>
            <td> <input type="password" name="log_pass" /> </td>
        </tr>

        <tr>
            <td> <input type="submit" name="log" value="Login" /> </td>
        </tr>
    </table>
</form>
</div>
 </body>
</html>

<?php
require_once 'connection.php';
require_once 'session.php';
require_once 'user.php';
connect();
$user = new User();

if(isset($_POST['log'])) {
   User::$user = trim($_POST['log_user']);
   User::$pass  = $_POST['log_pass'];

    if(!User::$user) {
        echo "Please enter a username. <br>";
    }

    if (!User::$pass) {
        echo "Please enter a password. <br>";
    }

//    if ($user) {
//        $sql = "SELECT * FROM users WHERE username = '$user'";
//        $res = mysql_query($sql);
//        $count = mysql_num_rows($res);
//
//        if($count == 1) {
//            $find_pass = "SELECT * FROM users WHERE username = '$user' AND password = '$pass'";
//            $res1 = mysql_query($find_pass);
//            $check = mysql_num_rows($res1);
//
//            if($check == 1) {
//                $row = mysql_fetch_array($res1);
//                $session->login($check);
//                setcookie("logged_in", "1", time()+3600);
//                $_SESSION['uid'] = $row['id'];
//                $update = mysql_query("UPDATE users SET active = '1' WHERE id = '".$_SESSION['uid']."'");
//                header('Location: usercp.php');
//            }else {
//                echo "Username and password combination is wrong. <br>";
//            }
//        }else {
//        echo "Sorry we cant find that username in the database. <br>";
//    }
//    }

    
    $find_user = User::authenticate(User::$user, User::$user);

    if($find_user) {
        $session->login(User::$user);
    }

}
?>

[Fou-Lu]

PHP Code:

    private function check_login() { 
        if(isset($_SESSION['user_id'])) { 
            $this->user_id = $_SESSION['user_id']; 
            $this->logged_in = true; 
        } else { 
            unset($this->user_id); 
            $this->logged_in = false; 
        } 


If !isset($_SESSION['userid']) you destroy $this->user_id.
Then in you're login script:

PHP Code:

    if($find_user) { 
        $session->login(User::$user); 
    } 


chains back to session here:

PHP Code:

   public function login($user) { 
        if($user) { 
            $this->user_id = $_SESSION['user_id'] = $this->user_id; 
            $this->logged_in = true; 
        } 
    } 


And its toast. Not sure why you're chaining $this->user_id = $_SESSION['user_id'] = $this->user_id. It sorta doesn't make sense to set the same variable twice.

Solution, don't unset you're user_id, but set it to null.