PHP $_SESSION error when posting to the database

Question

I am trying to create posts with a userid = to the currently logged in users id. On page 1 I use $_SESSION to set a variable

$_SESSION['Userid'] = $row_getUserStuff['userid'];

I can call $_SESSION['Userid'] on both page 1 and page 2 with

echo($_SESSION['Userid']);

which outputs the users id, my problem is when I try to push that data to the database. In the form I put

<input type="hidden" name="userid" value="<?php $_SESSION['Userid']?>" />

But when I try to post it I get the error

Column 'userid' cannot be null

Answer 1

try this:

<input type="hidden" name="userid" value="<?php echo $_SESSION['Userid']?>" />

You're not actually telling PHP to output the session variable, you're just referring to it. But since it's a session variable, it doesn't need to be in the form at all, I assume there's a $_POST['userid'] somewhere in your code to handle the form, just replace that with $_SESSION['Userid'].

Answer 2

Replace this line:

<input type="hidden" name="userid" value="<?php $_SESSION['Userid']?>" />

to

<input type="hidden" name="userid" value="<?php echo $_SESSION['Userid']?>" />

Answer 3

Don't put the session data in the form. It is pointless for the browser to have to send the server something the server already knows, and anyone can change it in an injection attack.

Instead, just access $_SESSION['Userid'] when inserting the value into the database.

Answer 4

try

<input type="hidden" name="userid" value="<?php echo $_SESSION['Userid']; ?>" />

I added the echo statement and the ; so that no php error will be generated and the $_SESSION['Userid'] is properly sent to the browser.