@Graph-X
Last active May 31, 2020 15:50
poc server
<?php
session_start(['cookie_secure' => true, 'cookie_path' => '/', 'cookie_httponly' => true]);
// The request method is exposed as REQUEST_METHOD; HTTP_REQUEST is not a $_SERVER key
if ($_SERVER['REQUEST_METHOD'] === "POST") {
    if (isset($_POST['user']) && isset($_POST['pass'])) {
        // for this POC we assume successful login and regenerate the session id
        session_regenerate_id();
        $_SESSION['user'] = $_POST['user'];
        $_SESSION['authorized'] = true;
        echo("Session is now authorized");
        exit;
    } else {
        // check if we have an authorized session
        if (!empty($_SESSION['authorized'])) {
            // QUERY_STRING is a raw string; the parsed query parameters are in $_GET
            $adminId = $_GET['adminId'] ?? '';
            $userinfo = array(
                'adminId' => $adminId,
                'role' => $_POST['role'] ?? '',
                'email' => $_POST['email'] ?? '',
                'password' => $_POST['password'] ?? '',
                'password2' => $_POST['password2'] ?? '',
                'name' => $_POST['name'] ?? ''
            );
            // simulate setting userid information
            $handle = fopen('/tmp/testfile.txt', 'w');
            // var_export(..., true) returns the dump as a string; var_dump() only prints it
            fwrite($handle, $adminId . var_export($userinfo, true));
            fclose($handle);
            echo("We have updated the info for adminId " . $adminId . ".");
            exit;
        }
    }
}
// simulate login: serve the login form
if ($_SERVER['REQUEST_METHOD'] === "GET") {
echo("
<html>
<head>
<title>login page</title>
</head>
<body>
<form name='login' action='' method='POST'>
<table>
<tr>
<td>
Username: <input type='text' name='user'>
</td>
</tr>
<tr>
<td>
Password: <input type='password' name='pass'>
</td>
</tr>
<tr>
<td>
<input type='submit' name='submit' value='Submit'>
</td>
</tr>
</table>
</form>
</body>
</html>");
}

Graph-X commented Oct 24, 2019

Got a little happy with the '==='. Fixed the code and it all works now. I'm a dummy.
