call userID upon Login and Store it

Question

I'm missing something here, I can't seem to be able to call the userID and save it in the session. The plan is upon login, to store the userID for future changes. Right now I can't seem to store the userID in the session. I get Notice: Undefined index: userID in login.php on line 14.

<?php

session_start();
if (!isset($_POST['submit'])){

} else {
require_once("db_const.php");
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
# check connection
if ($mysqli->connect_errno) {
    echo "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
    exit();
}
$userID = $_SESSION["userID"];
$username = $_POST['username'];
$password = $_POST['password'];

$sql = "SELECT * from userinfo WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
    echo "<p>Invalid username/password combination</p>";
} else {

  setcookie("username", time() +60*60*24*30*365);
$_SESSION['userID'] = $userID;
     echo "<p>Logged in successfully!, Please close the window</p>";
}
}
?>       

Answer 1

You never update $userID after setting it from the session itself. To solve this, fetch the result and store the fetched id:

$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
    echo "<p>Invalid username/password combination</p>";
} else {
    $row = $result->fetch_assoc();
    $_SESSION['userID'] = $row['userid']; //case sensitive
    //etc.

Answer 2

The error is on the line

 $userID = $_SESSION["userID"];

Seems like the session userID is not set. Before assigning always check whether the session variable exists using the isset language construct.

if(isset($_SESSION["userID"]))
{
 $userID = $_SESSION["userID"];
}

Do this for your other session variables too and this test applies even for $_POST