Session questions - php

I am having trouble in understanding of how I need to do this:
Have list of items on my home page and when users click on that, I take them to a page where i ask for name and email id(both are optional fields) and when users hit submit, I will take them to other page where they get to see all the details. the reason for that name and emails fields are to store the ip address in mysql and also the url(has the item id and date) they are on.
To do this, i am having trouble in doing it in program.
I am thinking to start a session/store cookie once they hit submit. after that I want to store the ip address, item id, date and name/email(if they filled in) in mysql db
Store everything in the mysql db
Also, how can I avoid anyone going to the page directly(the one I show after they submit) ? Is there any way can I include some condition on that page and redirect them to this log in page ?
Please help me out.
regards

Since you set session variables when the user hits the submit buttons, you can test if one of those variables is set or not and redirect accordingly.
You can also do it with POST, use the page as an action to your form, and whenever someone accesses that page you test if $_POST variables (from the form) are set or not.

As the data seem to be necessary only for the immediate use, I think that a session is the right answer in this case.
If you would then use a database query, which data would you store to associate the data to the correct user? As you said, both the data you ask are optional; even in the case there would not be optional, how do you handle the case two different users report the same name and email (it could also be the same user using two different browsers).
For temporary data like that, the session is always the better choice (except few exceptions, maybe).
I was forgetting the other question.
Also in that case, I would use a session variable. Sessions variables are the solution for values that you want to keep between different forms, without the need to keep moving them between the server, and the client side.
For more information about sessions, see PHP: Sessions

Related

Simple Web Questionnaire

I am making a website that will tell the user if they need a certain document in their business transaction. I know how to make forms, but I want to be able to ask the question on one page, and if the answer is yes, it goes to the next question- if no a different question. Like this:
Also in one of the questions, the user's name and other info are inputted. How can I hold onto that data and then put it on the correct document needed?
If you wanted to hold onto the data from a user input, you could use something similar to: localStorage.setItem("item-name", value); or sessionStorage.setItem("item-name", value);
when the form is submitted where value is the data from the user input. The difference between the two is localStorage keeps the data past a session while sessionStorage keeps the data until the user session expires.
Finally, when the data needs to be retrieved, you can use localStorage.getItem("item-name"); or sessionStorage.getItem("item-name");, depending on which one you used to store the data, and set the result in a variable to then be displayed in the final output.
I hope this helps you out!

preventing users from submitting data from form to mysql twice

I have a form where a user submits data from various text fields on my webpage to mysql database. Is there any code I can use were it will not let them submit/update the data again? e.g it will redirect them to a page saying sorry wwe have already received your data.
I have a unique number for each user if this helps. any help is appreciated.
Use tokens, it will avoid double submits and CSRFs.
Simply add tokens to an array, $_session most likely, and pop them when used.
Also, disable the submit button with JS after a submit.
You can also set a var in the session user that says he already performed an action, exampled uploaded his picture. Unset it if there is an error in your upload script for instance.
When you receive the post, query the database for the unique user number. If you get back a non-empty result, then display the error. Otherwise, save the data to the database.
The biggest thing you need to determine is what your unique identifier will be. It sounds as though you already have one (you mentioned unique user number?) Your unique identifier could be an email address, or even the full set of submitted data.
There are other ways to emulate this, such as setting a cookie on the user's machine, or disabling the submit button, but, none of these are completely under your control. The user could easily get past them if they tried. Therefore, determining a unique identifier and validating server side is probably the best way to do it.
The answer hugely depends on the reason for which user might send the data twice.
in case of an accident, there is one technique, and all other won't help you even a bit.
in case of intentional duplication the technique is completely different and again there is no general solution - everything depends on the certain scenario.
If you care to explain your certain case, you will get a proper solution.
For the most silly case of pressing "Reload" on a page with post results, you have to redirect browser using Location: HTTP header, e.g.
header("Location: ".$_SERVER['REQUEST_URI']);
exit;

make registration in parts

I want to build a script a register form and then divide in to parts, let me demonstrate
Accept rules (then press Continue)
Type username, password (then press Continue)
E-mail (and so on) and then Continue
To finally put all data and submit in to a database
But I'm not really sure how to do it, should I use sessions?
Give me some ideas of how you would have done it.
If you're going to do it in PHP, your best bet would be using PHP's Sessions. Take input from the forms on each page and store it in a session.
Insert all of the users information into a database in pieces with a timestamp, and if the user clicks cancel or doesn't come back to filling in their user info the database their information will be deleted.
Use jQuery SmartWizard or something like that.

What to you choose between mySQL or SESSSIONS to continue with my page?

Scenario No 1
On page1.php I use php with MySQL to get a product's data to the page. When a user wants to proceed to page, 2 he clicks on a button.
On page2.php there is also some info about the product, mainly for checkout purposes. For this data to be displayed I make use of the ID of the product so page2.php is actually page2.php?id=123. Therefore, using again PHP and MySQL I get the data I need.
Scenario No 2
On page1.php I use php with MySQL to get a product's data to the page. The needed values for page2.php are stored in sessions. When a user wants to proceed to page 2, he clicks on a button.
On page2.php now, the information about the product is shown using sessions. This time page2.php is actually page2.php that it is shown on the address bar.
I prefer doing this with scenario 1. The user will be able to copy/paste or send through a button the page to a friend for direct access. I don't think that one more hit to the db is a problem.
What is your opinion ?
I would agree that scenario 1 is better. You should use a session for its intended purpose, carrying state of a particular user, not misuse it as some form of caching mechanims in my opinion.
That's why you use the database in the first place - to have efficient access to your data. Why try to build a cache around the thing that should actually improve the efficiency if used?
If access ever becomes a bottleneck and you really need to look into caching, then there are still better mechanisms than to use your session for this purpose.
No. 1 is definitely the better approach. The second approach would only make sense if the product is attached to the user's session (for instance, when going through an order wizard). And even then, it's still better to just attach the product ID to the session, and fetch the product information from the database on each new page.

PHP pages that store information between forms so that the form information is stored before submit

This is inside a PHP website form.
An example is like:
First page:
-Username:
-Password
Second page:
-Email
-[Checkbox]
Thirdpage:
-Contact Details
-Address
Fourth page:
Review all of the above forms in hard copy but with a back and forward command so that the user does not loose any information when switching between these pages.
Please post.
You could use cookies and do your own sessions with MySQL too. I like doing it like that because the data is easier to access if necessary.
Or you can pass the previous variables to the next page though hidden form elements.. but that can get messy.
You Have to use session. I like Zend_Session.
If you want users to be able to come back later and complete the form (assuming you have some kind of login system, or a way to recognize users), you could still save the data into a database. Make another table, temp_submissions. Keep data in it until the user completes the form and commits the data they send. Once committed, clear the data out of the temp_submissions folder and insert it into the "permanent" table. It may not be practical in this case, or total overkill, but it's an alternative to sessions and cookies.

Categories