Centralize session update

lib/account.php

@@ -86,45 +86,62 @@ function verifyPassword($userID, $password): bool
     return !empty($password_hash) && !empty($password) && password_verify($password, $password_hash);
 }
 
+function UpdateSession(){
+    global $mysqli;
+    $stmt = $mysqli->prepare("SELECT FirstName, LastName, Nickname, Email, MinecraftNick, PrivilegeLevel, LastLoginAt, LoginCount FROM Users WHERE ID = ? AND isActivated = 1");
+    $stmt->bind_param("i", $_SESSION["ID"]);
+    $stmt->execute();
+
+    $uid = 0;
+    $first_name = "";
+    $last_name = "";
+    $nickname = "";
+    $password_hash = "";
+    $email = "";
+    $minecraft_nickname = "";
+    $privilege_level = 0;
+    $lastLoginAt = null;
+    $loginCount = 0;
+    $stmt->bind_result($uid, $first_name, $last_name, $nickname, $email, $password_hash, $minecraft_nickname, $privilege_level, $lastLoginAt, $loginCount);
+    $stmt->fetch();
+    $stmt->close();
+
+    $_SESSION["first_name"] = $first_name;
+    $_SESSION["last_name"] = $last_name;
+    $_SESSION["nickname"] = $nickname;
+    $_SESSION["email"] = $email;
+    $_SESSION["minecraft_nickname"] = $minecraft_nickname;
+    $_SESSION["privilege_level"] = $privilege_level;
+
+}
+
 function doLogin($email, $password): array
 {
     global $mysqli, $routerConfig;
     $found = false;
     if (!empty($email) && !empty($password)) {
-        $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, PrivilegeLevel, LastLoginAt, LoginCount FROM Users WHERE Email = ? AND isActivated = 1");
+        $stmt = $mysqli->prepare("SELECT ID, PasswordHash FROM Users WHERE Email = ? AND isActivated = 1");
         $stmt->bind_param("s", $email);
         $stmt->execute();
 
         $uid = 0;
-        $first_name = "";
-        $last_name = "";
-        $nickname = "";
+
         $password_hash = "";
-        $minecraft_nickname = "";
-        $privilege_level = 0;
-        $lastLoginAt = null;
-        $loginCount = 0;
-        $stmt->bind_result($uid, $first_name, $last_name, $nickname, $password_hash, $minecraft_nickname, $privilege_level, $lastLoginAt, $loginCount);
+        $stmt->bind_result($uid, $password_hash);
         $stmt->fetch();
         $stmt->close();
 
         if (password_verify($password, $password_hash)) {
             $found = true;
 
+            $_SESSION["ID"] = $uid;
+            UpdateSession();
             // Update LastLoginAt and LoginCount
             $updateLoginStmt = $mysqli->prepare("UPDATE Users SET LastLoginAt = NOW(), LoginCount = LoginCount + 1 WHERE ID = ?");
             $updateLoginStmt->bind_param("i", $uid);
             $updateLoginStmt->execute();
             $updateLoginStmt->close();
         }
-
-        $_SESSION["ID"] = $uid;
-        $_SESSION["first_name"] = $first_name;
-        $_SESSION["last_name"] = $last_name;
-        $_SESSION["nickname"] = $nickname;
-        $_SESSION["email"] = $email;
-        $_SESSION["minecraft_nickname"] = $minecraft_nickname;
-        $_SESSION["privilege_level"] = $privilege_level;
     }
     return $found ? ["Status" => "Success"] : ["Status" => "Fail"];
 }
@@ -273,6 +290,7 @@ function getUserInfo(): array
         $stmt->bind_result($firstName, $lastName, $nickname, $email, $minecraft_nickname);
         $stmt->fetch();
         $stmt->close();
+        UpdateSession();
         $output["Status"] = "Success";
 
         $output["UserInfo"] = [