Is it possible to check on the click of a link (html) whether a php session has been set? I am trying to stop a link being clicked should a user not be logged in. Thanks
I think you've got your logical sequence of events mixed up. You check the existence of a php session before the page is even served.
Once a link is on the page you cannot directly prevent it from being used, unless you add an on-click listener or handle it with javascript.
You can use ajax for that. Simply send ajax request to the server and then check if your session is set.
Related
I have html page where you can insert some information and then submit this form, which will change information in database. I do it normally, that submit button call php file in server.
But what I want, is that this php file will return to me the same html page of which I sent request, with modified changes. e.g: there will be "Database update successfully" text added etc.
How can I do it without AJAX ?
Thanks
In the PHP file, do a call to the header() function to redirect the user. For example:
header('Location: url.php');
To change the content of that page they are redirected to, you could pass something in the URL that your page will check for. For example:
header('Location: url.php?submitted=1');
There are other ways to implement this, but this seems the most straightforward to me. Note that you don't want to call header() until the end of your submission page.
Use POST/REDIRECT/GET
Excerpt:
The user submits the form
This is pretty straight forward. The user completes the form and submits it by pressing the submit button or enter on their keyboard.
We store the form data in a session
After processing the data we discover an error so we need to redisplay the form with an error message but we also want to populate
it with their data so they don't have to refill the entire form just
to fix potentially one little mistake. So we store their data in a
session ($_SESSION). Session variables carry over from page-to-page
for as long as the session is valid or until they are deleted. This is
an ideal place to put their information since redirecting will cause
their information to be immediately discarded by the server.
We redirect the user back to the same page using a 303 redirect
Once we have saved the user's information in their session we need to redirect them back to the same page. In order for this to work
properly we need to use a 303 redirect. This means we need to send a
303 header with our redirect. A 303 redirect will cause the browser to
reload the page without the initial HTTP POST request to be
resubmitted. This includes when the user uses the back or refresh
buttons.
We re-populate the form using the data stored in the session
When the page is sent to the user we re-populate it with their information we saved in their session.
Only by generating the whole page in CGI first, unless you go through some horribly convoluted method of getting value of one of the fields to be set to document.innerHTML or something like that in Javascript. But you'll go through hell to get the quoting issues resolved. Use AJAX, it was created for precisely this purpose and exactly to avoid the utter hell associated with what you need.
Alternatively: the "modified piece" of the page may be an iframe, and you can set the target attribute of the form, so that the PHP returns only the iframe content.
Is there a way to avoid reprocessing forms when I refresh php pages? I'd like to prevent resending forms when refreshing links to php files with an insert function in them. For example, I am processing a series of notes written by users at the top of each page for a new note. Besides the obvious creating a separate php file with a header function is there another way to do it?
Use the Post-Redirect-Get Pattern.
Accept a Post request
Process the data
Issue a redirect response
Accept a Get request
Issue a 200 response
If you need to display data from the submitted stuff, then include a row id or similar in (for example) the query string of the URL you redirect to.
The best way would be to do a header("location: form.php"); call after you process the form. That would redirect you back to the form page, and if you refresh, the browser wont resend the form data.
Alternatively, you could check to see if you already processed the data received, but that would still give you the browser warning message that you are going to resend the data.
You might do both, just in case someone uses the back button and accidentally clicks Submit again.
Just set some flag when you process the form first time so you could check for it and abort reprocessing later on. Session variable or cookie will work fine.
You could put a nonce into the page that is only allowed to be used once so that if you see the same nonce come in you don't do the insert of the page.
I redirect users to a new page after processing of the form.
The form is a POST-request to do-something.php. I check the input data and if it validates I process the data and perform a redirect to do-something.php?somethingdone. So the user can hit F5 w/o resending the POST request.
I tried to use header("Location:..."), $_POST = array(), unset($_POST), but (idk why) they didn't work in my php page.
So, what I did, I just used
echo '< script>window.location.replace("http://.../this.php")</script>'
😂 it works very good! Maybe it is not a good idea, I am learning PHP for the 4th week.
I want to authenticate the user without refreshing/redirecting to another webpage. If the username and password combination is incorrect, I want to show a message there itself without redirecting/refreshing the page. And if the username and password combination is correct, then I want the page to redirect to home page. An example is given below, the error message appeared without refreshing the page. Can anyone help me in get this thing done? Thanks!
Example:
Use Ajax! the idea is to use XmlHttpRequest objects to send requests back to the server and get response .
Google for PHP ajax login:
http://www.roseindia.net/ajax/ajaxlogin/ajax-login-program.shtml
http://evolt.org/ajax_login_system
Using jQuery:
http://www.chazzuka.com/php-ajax-login-form-using-jquery-82/
http://roshanbh.com.np/2008/04/ajax-login-validation-php-jquery.html
http://ajaxmint.com/2009/12/php-ajax-login-form-using-jquery/
You can do this with the help of making ajax request to your php file, which will then execute your username and password and return true or fase or Other information about request....
This is the simplest way to do something on same page.
You have at least two choices:
AJAX request (as others suggest), that will submit the form and make proper action depending on whether this was success (eg. load private data) or error (eg. display information about incorrect username/password),
IFRAME containing login form, that will reload itself, not the whole window (and eventually make some action or execute some script, depending on what you need),
Use AJAX! With it, user doesn't need to reload page to communicate with server.
in php i'm using GET to create query string which launches an action :
for example when i go to :
www.example.com/index.php?mode=action&name=launch_this
it will get mode=action and name=launch_this and the php will launch a function called "launch_this"
But how can i avoid people from refreshing this page and then re-launch the process ?
i'd like to be able to get these parameters once and convert the url for the client to index.php without parameters..
Is it possible ?
Thanks
actions which modify state on the server or launch a process should not use GET, but POST. If you use POST and the user refreshes, the browser will at least prompt for confirmation.
To avoid refreshes, you should send a redirect once the process is launched :
user posts to launch action
server launches action and sends a redirect
user browser receives the redirect and GETs the page atthe given URL
user refreshes, and reloads the page, but doesn't relaunch the action.
This pattern is known as Post/redirect/get, or as "redirect after post".
You can use the Post/Redirect/Get pattern for this:
http://en.wikipedia.org/wiki/Post/Redirect/Get
I'd consider looking at the Post/Redirect/Get pattern.
Before you send any output to the client, set the redirect header.
header("Location: index.php");
This will cause the browser to load the index.php page, and the URL shown in the location bar will change too.
You could also use the history.replaceState() javascript function to change the URL in the browser, but this function is only supported in Safari and Firefox 4 (see for example https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history)
You could store some value inside $_SESSION and check it before execution like
if(!isset($_SESSION['launched'])) {
$_SESSION['launched'] = true;
...
...
}
POST/Redirect/GET is a great answer.
Another possibility would be to use AJAX to actually send the data to the server, and then simply refresh the current page (or navigate to a different one, for that matter) once the AJAX completes. This way, the request that actually sends the data to the server is only ever called upon user action, and would not be called on reload.
I have a html file that has two buttons, approve and reject. I want that if someone clicks on the approve button, I want the box to disappear and display a message PERMANENTLY.
By permanently I mean that it should not return the box when I refresh the page.
Is it possible with JS or PHP or anything else?
Thanks.
Is it possible with JS or PHP or anything else?
Yes.
For a more detailed answer supply a more detailed question.
Uhm, presumably when someone clicks one of those buttons, you store a value somewhere indicating their action. You would normally check if the user has previously performed this action (or if it otherwise makes sense to display the buttons) and just not output them from your PHP script in that case.
Without more details about your code it'll be impossible to provide any more help than this.
You either need to store a cookie that you can check if they clicked or you need to store a list of IP's and what they clicked. That's the hard part
Hiding and displaying the box is as easy as using jquery and the onclick element in html.
Edit:
I agree with the above answer without more details it is hard to provide a working solution.
js will not be able to do something like this by itself. you need some sort of back end server processing or a cookie that will detect the user when they go to the page and then save their button click in a server side db or client side cookie... then when the user comes back it checks the back end data source or the client side cookie and makes the changes either client side with js or server side with php
I expect you'll need to set a cookie when you put up the message. That's only permanent as long as they keep the cookie, though. For real permanence you'll need to associate the message state with their login/customer info and retrieve that every time they come back to the site. Which means you'll have to force a login before they get to the form.
The problem with trying to do something dynamic, then make it permanent, but only for that user, is that you have to get over the statelessness of the web. You have no idea who you're dealing with from one visit to the next. To get over that, you either need to tag them (by setting a cookie) so you'll recognize them on their next visit, or you need to make them identify themselves (by forcing a login).