I have 3 pages, one HTML page (session.html) and 2 PHP pages (session.php & sessiona.php). The html page has a form on it with only 2 fields, one being a text box (customername) and other being a selection list (hobby). The action on the HTML page is to send to session.php in which i store the variables in this manner :
<body>
<?php
session_start();
$_session['name'] = $_POST['customername'];
$_session['hobby'] = $_POST['hobby'];
$name = $_session['name'];
$hobby = $_session['hobby'];
?>
<p>Sessiona</p>
</body>
The point of session.php is only to store the variables and only display a link to sessiona.php which i want to retrieve the stored variables from sesssion.php and diplay them. Is there a way to do this?
It should suffice to set
session_start();
in your sessiona.php where you can get the variables in the manner you suggested:
$name = $_SESSION['name'];
$hobby = $_SESSION['hobby'];
Any page to start the session variable's creation
<?php session_start();
$_SESSION['name'] = $_POST['customername'];
$_SESSION['hobby'] = $_POST['hobby'];
?>
<html>...</html>
Any page to retrieve that session data after it's created
<?php
if(isset($_SESSION['name'])) { $name = $_SESSION['name'] }
if(isset($_SESSION['hobby'])) { $hobby = $_SESSION['hobby'] }
?>
<html>...<?php echo($name) ?>...or...<?php echo($_SESSION['name'])?>...</html>
Note: you will want to check for that session variable to ensure you don't throw an error on echo. isset(), !empty(), etc.
Related
How to pass two value from one page to another in PHP using session.
$account=$_SESSION["account_no"];
$account1=$_SESSION["account_no"];
Session will be available through out the application (in all pages) until you destroy it.
To set a session,
<?php
session_start();
$_SESSION['variable_name_1'] = "value_1"; // or $_POST['accountno_1'];
$_SESSION['variable_name_2'] = "value_2"; // or $_POST['accountno_2'];
?>
In the other page, to get the values
<?php
session_start();
echo $_SESSION['variable_name_1'];
echo $_SESSION['variable_name_2'];
?>
FILE-1: WHERE YOU NEED TO SAVE THE ACCOUNT TO SESSION
<?php // NOTICE THAT THERE IS NO SPACE BEFORE <?php [THIS IS IMPORTANT!!!]
// FILE-NAME: file_1.php WHERE YOU HAVE TO SET THE SESSION VARIABLE
//FIRST CHECK IF SESSION EXIST BEFORE STARTING IT:
if (session_status() == PHP_SESSION_NONE || session_id() == '') {
session_start();
}
$_SESSION["account_no"] = $account;
FILE-2: WHERE YOU NEED TO GET THE ACCOUNT FROM SESSION
<?php // NOTICE THAT THERE IS NO SPACE BEFORE <?php [THIS IS IMPORTANT!!!]
// FILE-NAME: file_2.php WHERE YOU NEED TO READ THE SESSION VARIABLE
//FIRST CHECK IF SESSION EXIST BEFORE STARTING IT:
if (session_status() == PHP_SESSION_NONE || session_id() == '') {
session_start();
}
// READ THE ACCOUNT NUMBER FROM SESSION DATA...
$account = $_SESSION["account_no"];
On the first page:
session_start();
$_SESSION['value1'] = 'First value';
$_SESSION['value2'] = 'Second value';
On the second page:
session_start();
$value1 = $_SESSION['value1'];
$value2 = $_SESSION['value2'];
File:1 where data will be store Session
<?php
session_start(); //before HTML tag
$_SESSION['one'] = $account_no1;
$_SESSION['two'] = $account_no2;
?>
File2: where you like to retrieve session
<?php
session_start();
echo $_SESSION['one'];
echo $_SESSION['two'];
?>
Sessions is a global variable in PHP.
Just create two session variables as use anywhere
<?php
session_start(); // should be at top of page or before any output to browser
$_SESSION['account'] = $account;
$_SESSION['account1'] = $account1;
Now access these session variables anywhere in any page but should start session before use, like:
<?php
session_start();
echo $_SESSION['account'];
Hi i'm developing a multi steps form with php using session and i've been wondering if there is a way for the user to alter session variables for example on the first page i have something like this :
<?php
session_start();
if(isset($_POST['submit'])){
$_SESSION['name'] = $_POST['name'];//and so on
}
?>
and the other page has something like :
<?php
session_start();
$name = $_SESSION['name'];
?>
my question is can the user modify the value of the session variable on the second page
Since you're populating the session variable with the value of a POST variable, they can continue to resubmit the first form as much as they want with arbitrary values.
You can use application logic to defeat this:
<?php // form1
session_start();
if (empty($_SESSION['step'])) {
$_SESSION['step'] = 1;
}
if ($_SESSION['step'] > 1) {
header("Location: form2.php");
exit; // This exit is very important, don't neglect it
}
if (isset($_POST['submit'])){
$_SESSION['name'] = $_POST['name'];//and so on
$_SESSION['step'] = 2;
}
And then
<?php // form2
session_start();
if (empty($_SESSION['step'])) {
header("Location: form1.php");
exit;
}
if ($_SESSION['step'] > 2) {
header("Location: form3.php");
exit;
}
if ($_SESSION['step'] < 2) {
header("Location: form1.php");
exit;
}
$name = $_POST['name'];
By using application logic, you can control the flow of your visitors within your application.
If you're asking if users can change $_SESSION variables outside of any code you've written, the answer is usually no. See also: this answer.
So I'm currently trying to save page1.php's HTTP_REFFERER as a variable and transfer that variable to another page. I've tried using $_SESSION[] and $_COOKIES[] methods but it didn't work. page2.php shows referrer as page.php.
Any suggestions?
page1.php :
<?php session_start();
$variable1 = $_SERVER['HTTP_REFERER'];
$_SESSION['ref'] = $variable1;
page2.php :
<?php session_start();
$_SESSION['ref'] = $variable1;
echo $variable1; ?>
You inverted the variable and the value in your 2nd page
<?php
session_start();
$variable1 = $_SESSION['ref'];
echo $variable1;
$_SERVER['HTTP_REFERER'] is a predefined env variable. To access stored variable use for example $_SESSION['HTTP_REFERER'] on page2.php
In page1.php, make sure to end the code correctly:
<?php session_start();
$variable1 = $_SERVER['HTTP_REFERER'];
$_SESSION['ref'] = $variable1;
?>
In page2.php just print_r the $_SESSION['ref'] or assign it to a variable and then use echo.
Also the order of the variables is incorrect, should be:
$variable1 = $_SESSION['ref'];
HTH.
I created a site where you need to login to visit the different pages, nothing special.
To keep the user logged in, I'm setting the session on top of every page.
My problem is, I don't wanna have to set the different session variables on top on each page. I'd rather have one function I can call to set them. Plus I don't need all those variables on each page, so I'd like the function to accept optional parameters (like the email, or profile picture that are not used on every page).
I call this on top of each page:
<?php
require_once 'session.php';
confirm_logged_in();
$username = $_SESSION['username'];
$email = $_SESSION['email'];
$picture = $_SESSION['picture'];
$group = $_SESSION['group'];
?>
I would like to make it more like this and be able to set only the variables I need:
<?php
require_once 'session.php';
confirm_logged_in();
set_variables($username, $email);
?>
The 'session.php' file is like this:
<?php
session_start();
function logged_in(){
return isset($_SESSION['username']);
}
function confirm_logged_in(){
if(!logged_in()){
header('location: start.php');
}
}
?>
I've tried a few things, but it just led me to huge amounts of errors.
Has someone already done this or found a script doing this? Is that possible?
First of all, if what you want to do is overload your function, you can't do that. For more info on that see this. However, you can do this:
<?php
set_variables($username, $email, $picture,$group)
{
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['picture'] = $picture;
$_SESSION['group'] = $group;
}
?>
Put this function in your session.php file.
I am not sure if I understood right, but if I did, all you need to do is create a new file, let's call it "Session_Variables.php".
After you created the file, paste the following code into it:
<?php
require_once 'session.php';
confirm_logged_in();
$username = $_SESSION['username'];
$email = $_SESSION['email'];
$picture = $_SESSION['picture'];
$group = $_SESSION['group'];
?>
Then, finally, just replace the old code with:
include("Session_Variables.php");
Not directly related to the question you are asking, but you should really add exit; after a redirect header. Clients can ignore headers and still load your page even while not being logged in.
if you want to make set_variables($username, $email) work like i think you wanted, you need to write something like this.
Session.php
<?php
session_start();
function logged_in(){
return isset($_SESSION['username']);
}
function confirm_logged_in(){
if(!logged_in()){
header('location: start.php');
}
}
//Only Picture and group are Optionals
function set_variables($username, $email, $picture = '', $group = ''){
//you can check here is thoses variables are set or valid before assign them
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['picture'] = $picture;
$_SESSION['group'] = $group;
}
//create a function that we need to retrieve thoses values
function get_variable($name){
if ( isset( $_SESSION[$name] ) ) return $_SESSION[$name];
return FALSE; //if the variable is not set.
}
?>
And you can use it like this
<?php
require_once 'session.php';
confirm_logged_in();
set_variables($username, $email);
$username = get_variable('username');
?>
I think you need to move the session_start(); to the actual page. Using a require_once on the session_start(); is not a good plan.
I'm receiving values in a GET string from Aweber upon user's submission of a form. I take the variables they send and submit them to a SMS gateway to notify a 3rd party of the submission by text message.
Here's my problem. I need to redirect the page that performs the outgoing SMS commands in a php header to another page that finally displays the GET variables sent from Aweber.
I can retrieve the variables and their values in the first page. How do I pass them to the second page?
Here is the code I'm using on the first page (sms.php) to collect the variables sent by Aweber:
$fname = $_GET['name'];
$femail = $_GET['email'];
$fphone = $_GET['telephone'];
....etc
header('Location: confirmed.php');
exit;
First convert the $_GET HTTP variable into a query string using
$query = http_build_query($_GET);
Then append the query string variable to your redirect header
header('location: domain.com'."?".$query);
Done.
session_start();
$_SESSION['fname'] = $_GET['name'];
$_SESSION['femail'] = $_GET['email'];
$_SESSION['fphone'] = $_GET['telephone'];
....etc
header('Location: confirmed.php');
and get it on the next page like:
session_start();
$fname = $_SESSION['fname'];
$femail = $_SESSION['femail'];
$fphone = $_SESSION['fphone'];
....etc
You don't need to store them in a session, you can easily pass them with your location header:
$fname = $_GET['name'];
$femail = $_GET['email'];
$fphone = $_GET['telephone'];
//now a header with these var's:
header("Location: confirmed.php?name=".$fname."&email=".$femail."&telephone=".$fphone);
In confirmed.php you can get these variables with $_GET method.
Please for anyone reading this in future, use sessions for this kind of variable value transfer because if you rely mostly on adding variable to header then if the user in still on that form and carries out an action that changes the value of the header then your own variable value changes since it depends on the header......simply put, USE SESSIONS.
Store them in the session:
$_SESSION['fname'] = $_GET['name'];
Use session_start at the beginning of each file.
Try this. It worked perfectly for me.
if ($_GET)
{
$query = str_replace("%3D", "=", str_replace("%26", "&", strval(urlencode(http_build_query($_GET)))));
header('location: https://www.example.com'.'?'.$query);
}
else
{
header('location: https://www.example.com');
};
The best you can do is put all your POST variables to a session like this:
On page1.php put:
//Start the session
session_start();
//Dump your POST variables
$_SESSION['post-data'] = $_POST;
And on page2.php put: (If on page1.php we use a normal POST form submit with form action="page2.php")
//Start the session
session_start();
//Access your POST variables
foreach ($_POST as $key => $value) {
${$key} = $value;
$_SESSION[$key] = $value;
}
//Unset the useless session variable
unset($_SESSION['post-data']);
Or on page2.php put: (If on page1.php we use a self submit with form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?> and then use a header("Location: page2.php"); to move to the page2.php and pass our POST variables via a session)
//Start the session
session_start();
//Access your POST variables
$_POST = $_SESSION['post-data'];
foreach ($_POST as $key => $value) {
${$key} = $value;
$_SESSION[$key] = $value;
}
unset($_SESSION['post-data']);
I literally spent hours figuring that out because all the forums put it wrong or incomplete.
Now it's as easy as just calling the variables you passed from the page1.php like this for example: <b>Points: </b><?php echo $points; ?> and that's it!!
When situating the header('Location: page2.php'); in a if condition, etc. make sure that it will be in the first PHP script of the page and above any HTML output.
This works use this sentex
header('location:member_dashboard.php?id='.$id);