Get data of current user logged in

Question

In my db I have a table, "article" with a column "authorid" and a table, "author" with a column "id". The two tables are joined by these columns so when a user submits an article, the "article" table receives the article while displaying the id of the author in the "authorid" column. However, I can't get the "authorid" column to update with the current users id. Whenever a user submits an article, the "authorid" column returns 0 instead of displaying their id defined in "id" column of "author".

**PHP**
   if (isset($_GET['add']))
      if (!userIsLoggedIn())
        include $_SERVER['DOCUMENT_ROOT'] . '/includes/login.inc.html.php';
        exit();
    }
        include 'form.html.php';
        exit();

   if (isset($_GET['addform']))
    {
        include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

        $text = mysqli_real_escape_string($link, $_POST['text']);
        $author = mysqli_real_escape_string($link, $_POST['author']);

        $sql = "INSERT INTO article SET
                articletext='$text',
                articledate=CURDATE(),
                authorid='$author'";
        if (!mysqli_query($link, $sql))
        {
            $error = 'Error adding submitted article: ' . mysqli_error($link);
            include 'error.html.php';
            exit();
        }

        header('Location: .');
        exit();
    }

I think I need to select user data and store in an array then store the array in $author variable but I'm unsure how to get the user data of the current user logged in. Here is my userIsLoggedIn function:

function userIsLoggedIn()
{
    if (isset($_POST['action']) and $_POST['action'] == 'login')
    {
        if (!isset($_POST['email']) or $_POST['email'] == '' or
            !isset($_POST['password']) or $_POST['password'] == '')
        {
            $GLOBALS['loginError'] = 'Please fill in both fields';
            return FALSE;
        }

        $password = md5($_POST['password'] . 'chainfire db');

        if (databaseContainsAuthor($_POST['email'], $password))
        {
            session_start();
            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['email'] = $_POST['email'];
            $_SESSION['password'] = $password;
            return TRUE;
        }
        else
        {
            session_start();
            unset($_SESSION['loggedIn']);
            unset($_SESSION['email']);
            unset($_SESSION['password']);
            $GLOBALS['loginError'] =
                    'The specified email address or password was incorrect.';
            return FALSE;
        }
    }

    if (isset($_POST['action']) and $_POST['action'] == 'logout')
    {
        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['email']);
        unset($_SESSION['password']);
        header('Location: ' . $_POST['goto']);
        exit();
    }

    session_start();
    if (isset($_SESSION['loggedIn']))
    {
        return databaseContainsAuthor($_SESSION['email'], $_SESSION['password']);
    }
}

The two tables are joined by "authorid" in "article" and "id" in "author", as you can see, I cant get "authorid" to update with "id" because, like i said above, I don't know how to get the user id of the current user logged in and store that id in $authors .

**article table**
id  articletext     articledate     authorid
1   Test article    2011-08-05      0

**author table**
id  name    email           password
1   user    user@mail.com   d8a6582c02d188df9ad89a6affa412f7

Any help would be greatly appreciated, thanks!

Answer 1

For starters, your curly brackets are a bit odd. Try ...

if (isset($_GET['add'])) {
    if (!userIsLoggedIn()) {
        include $_SERVER['DOCUMENT_ROOT'] . '/includes/login.inc.html.php';
        exit();
    }
    include 'form.html.php';
    exit();
}

... Not sure this will fix your problem, but as it stands, your code will exit; before it ever hits if (isset($_GET['addform']))