Something like this should work:
$loginQuery = $dbc->stmt_init();
$loginQuery = $loginQuery->prepare("SELECT id, username, type FROM user WHERE LOWER(email) = LOWER(?) AND pass = ?");
$loginQuery->bind_param('ss',$e,$pas);
$loginQuery->execute();
$results = $loginQuery->get_result();
if($results->num_rows > 0)
{
$row = $results->fetch_assoc();
$user_name = $row['username'];
$user_id = $row['id'];
$_SESSION['user_id'] = $user_id;
$_SESSION['username'] = $user_name;
}
else
{
echo "no rows returned, bad username and password.";
}
Assuming your $dbc is a mysqli object, you also need to call stmt_init()
before prepare:
$loginQuery = $dbc->stmt_init();
Also made the query case insensitive for the email by using LOWER(), you'd wanna do this on login and registration. That way someone doesn't register with email@email.com, then someone else registers with EMAIL@email.com. You should check that the email they are registering with does not match a email in your database already, and when checking use the mysql LOWER() function in the comparison.
The above code would get you the first row in the result set. If you need to get all rows you were kind of on the right track. but you would have to do:
$usersQuery = $dbc->prepare("SELECT id, username, type FROM user");
$usersQuery->execute();
$results = $usersQuery->get_result();
if($results->num_rows > 0)
{
while($row = $results->fetch_assoc())
{
$user_id = $row['id'];
$user_name = $row['username'];
$user_type = $row['type'];
}
}