php: pass large arrays of data through pages - php

I am trying to to solve a problem where I need to pass large arrays of data to another page, this is my scenario:
The user input his/her gmail login information inside a form, I then send this information to an ajax page where i authenticate and fetch all the contacts, if the login is invalid they can try again but if it authenticated I need to send them to the next page where I parse all the emails and check if they match any users on the site.
Method 1 (didn't work):
Store all the data inside a session, this only work if the array is small as there is a size limit for the sessions.
Method 2 (didn't work):
Add an hidden input with javascript and then submit the form (also with javascript).
As it turns out you can't submit the form and return true (change page) unless the user triggers the event.
So how should I go on, should I just skip the ajax authentication and send them back to the previous page if it didn't work or is there some workaround to my problem?

Why don't you store the data in a database, MySQL, or SQLite if MySQL is not available to you. In there, you would store a serialized version of your array linked to the users session id.
The MySQL table I'm thinking of:
id | session_id | data
http://php.net/manual/en/function.serialize.php on how to serialize your array.

If you are able to fetch the data again on the next page, you could do that instead of passing it between pages.

Since you are using jQuery you can submit the data directly or as a hidden element on the form without a user click. Assuming the second submission is via AJAX you can:
$("#mydiv").load("secondpage.php", {email1: 'blah'}, function(){
alert("Submitted everything nicely");
});

Depending on your webserver, but session variables do not typically have a size restriction. Apache+PHP you could handle extremely large sizes, instead you should care about
http://ca.php.net/manual/en/ini.core.php#ini.memory-limit. In addition, PHP.ini carries session.size variable that you could adjust. I am not sure how it did not work for you; you used $_SESSION, right?
Finally, to make a better persisting yet fast (faster than Database) volatile storage I would recommend using Danga's memcached. It is very stable, widely used and has wrappers for every possible language flavor.

Related

Multipart form with data output to browser in jQuery/PHP. How to show input data?

I'm trying to create a form with 3 steps:
fill the form
check if data is correct (show input)
thank you
With an advice of some people here (regarding my previous question) I've changed my way of doing it from mainly PHP + js-validation to mainly js + PHP process data.
I need an advice with how to deal with this now.
Previously I've had a PHP if/else that determined which step to show and kept data in $_SESSION for 2nd step and possible corrections back in 1st step.
Now I'm wondering if I really need two ajax calls (first to process data in order to show it - 2nd form step uses $_SESSION to display data input in 1st step; second to generate e-mail and pdf with given data - same $_SESSION as step2).
Maybe a good solution would be to put data with javascript into 2nd step aswell and use $_SESSION only in the final processing and generating.
What's the common/your approach to this problem?
Here's the normal flow:
User loads page with form on it. Fills it out. Submits it.
You can validate every field as they fill it out (instant feedback which is nice from a user's perspective) or validate using the onSubmit event (in jquery $('#formID').submit). You don't allow them to submit if it doesn't pass, return false from the submit function.
In case they don't have JS enabled (you can try to prevent them from using it w/o JS but in reality they can just use curl -d "value1=foo&value2=foo2&value3=foo3" http://example.org/page/ to get around you) you have to validate the data on the server, too. JS isn't enough.
If it doesn't pass server validation, you can redirect them back to the form using the Location: http://example.org header or echo the form again in the server-side code. If it does pass, you can use it (insert it into db, echo it, email it, whatever).
You save the data in your database and add it to $_SESSION. You echo the data they just entered along with a button "Download PDF" or some such.
They click "Download PDF".
You have all the information you need to create and PDF. You don't have anything to validate but you need to use the $_SESSION information to create the PDF. You should test the $_SESSION to make sure they have valid input from the previous pages or else someone can mimic a post to the page and generate a PDF (perhaps blank though). I generally avoid using data from a $_SESSION as anything but state information -- I'll write to a db on post data (after scrubbing) but if it's in $_SESSION it usually is just stuff that tells me who they are and stores other information about configuration, etc. In your case, I'd have written to a DB in step one and now would use some ID from $_SESSION to pull that record and create the PDF to send it.
I think all of your validation can be easily done in step one and then you separate step 2 into delivery based on the validity of step one.

PHP pages that store information between forms so that the form information is stored before submit

This is inside a PHP website form.
An example is like:
First page:
-Username:
-Password
Second page:
-Email
-[Checkbox]
Thirdpage:
-Contact Details
-Address
Fourth page:
Review all of the above forms in hard copy but with a back and forward command so that the user does not loose any information when switching between these pages.
Please post.
You could use cookies and do your own sessions with MySQL too. I like doing it like that because the data is easier to access if necessary.
Or you can pass the previous variables to the next page though hidden form elements.. but that can get messy.
You Have to use session. I like Zend_Session.
If you want users to be able to come back later and complete the form (assuming you have some kind of login system, or a way to recognize users), you could still save the data into a database. Make another table, temp_submissions. Keep data in it until the user completes the form and commits the data they send. Once committed, clear the data out of the temp_submissions folder and insert it into the "permanent" table. It may not be practical in this case, or total overkill, but it's an alternative to sessions and cookies.

php - How to save the form data temporary

I have designed a user profile form, a long form which is quite complicated.
Before the user can submit and save it, the form needs to be validated.
Here is the question:
When the form is saved into the DB, there are multiple tables involved.
Now I would like to introduce a function called "Save Form" which internally doesn't validate the form and just save whatever the user entered.
There are potential issues, such as:
Q1> How to save temporary data?
Q2> What should I do if the user saves the temporary data
without submitting the form and then quit.
This feature looks like the Draft feature provided by Gmail.
You could create a session for the fields you're interested in saving. For example
$this_form = array(
'field1' = 'value',
'field2' = 'value2',
);
Then save this to a session:
$_SESSION['this_form'] = $this_form;
If you want to be really lazy you could just save the $_POST or $_GET variable in the session.
$_SESSION['my_post'] = $_POST;// or $_GET depending on your form.
And Of course, you know not to do anything with these until you validate them and do the usual inoculations.
You can retread the saved session variable later simply by calling it.
i.e.
echo $_SESSION['this_form']['field1'];
Once you are done with the session you can delete it with the unset command:
i.e.
unset $_SESSION['this_form']
There are also session functions that you can use:
PHP Session Functions
Q1> How to save temporary data?
There are a couple ways you could do this. You could save it to a different table. You could also (probably more popular) save it to the same table as the completed profiles, but flag it as incomplete via a column for this purpose. This column could be named complete. If the profile is not complete, it would be set to 0 or false. If it is complete, it would be set to 1 or true. You can then query based on it.
You could then "validate" the data via whatever procedure is required and set the column to 1 or true as needed.
Q2> What should I do if the user saves the temporary data without
submitting the form and then quit. This feature looks like the Draft
feature provided by Gmail.
The answer above should serve this purpose as well.
If you need to reload the data and allow the user to continue filling out the incomplete form, you will need to get some sort of identifier for them to allow this. You could do this by setting a cookie, or by some sort of unique identifier they would enter at the top of the form - such as SSN, phone #, student ID #, etc (or a combination).
If you are looking for a feature like Gmail's draft feature, you will need to implement some sort of AJAX call that automatically fire's every X seconds/minutes to automatically save the data.

PHP: transfer a large array between two sites

I'm trying to transfer a large array between two sites in PHP. I'm the admin in both.
The array is created on one site, and after its creation I wish to automatically redirect the user to the other site, and pass the processed array along.
I cannot use the SESSION superglobal, as it is limited to a specific domain.
GET is not suitable, as the array is too long.
I'm not sure if POST is suitable, and if there is a way to automatically send the data without forcing to user to click a button and submit some form. I know javascript can be used for this, but prefer to have something more robust.
I'm relatively new to PHP, and would love to hear of any other ways of performing this.
Thanks!
The easiest way would be to use a HTTP library like cURL and setup and send a POST request to the other site. Also including the users IP address would allow you to associate the posted data. Without JavaScript you cannot redirect a user with POST data.
One thing you may want to be aware of with the above method is that depending on how it is implemented the user may arrive before the data does.
There is no limit on POST as defined in the HTTP specs, but you may run into issues handling it on your other server (depending on what you mean by large) depending on php configuration. (POST limit is I believe set to 8MB by default)
Send an HTTP POST request via cURL functions and add the serialize()ed array to the request body.
I'd do something like this:
generate a token on Server A (e.g. sha1(timestamp + session id + random()))
use cURL to post the serialized array to the Server B, passing along the token you generated
On Server B, store the serialized data and token in a database table - fields: token (CHAR), data (BLOB)
redirect the user to http://ServerB/?data_token=[TOKEN GENERATED IN STEP 1]
Server B fetches the data associated with the token from the db, deletes the db entry, and stores the array in the new user session.
Well, if they are both on the same server, you can have one hijack the others session. I have used this to jump to a secure server before, use the session_id() function on the first host to get the session, then use the same function to set it on the second host.
See http://www.php.net/manual/en/function.session-id.php
I would suggest that after you create the "Array" you associate it with an ID(and store somewhere) and then redirect to the other with this ID. From site 2 using the ID, you can call a page on site 1 which returns the "Array"
Your problem:
sent array(ar) From Server(a) to Server(b)
My solution:
Server(a) generates an unique url(url) for Server(b) which contains Array(ar) encoded in for example json using json_encode(ar). This Array(ar) should be stored at url using for example mysql or just a simple text file.
$uid = md5(uniqid(mt_rand(), true)); // to generate unique id
Server(a) redirects browser to Server(b) also containing $uid
$url = "http://server-b/page"; // url to page
header('Location: $url?uid=$uid');
Server(b) gets the content from url on Server(a) and decodes content back to Array(ar)
$uid = $_GET['uid']; // uid
$url_server_a = "http://server-a/webservice?uid=$uid";
$ar = json_decode(file_get_contents($url_server_a));
I guess you could serialize it, save it as a file that is accessible from the other server and load it again from the other server. That way, no user action would be required but you'd have to protect the directory where you save the file to avoid privacy problems.
Edit: I´m assuming they're on different servers, otherwise it would be even easier...
If it were me, I'd store the information in some other medium: a memcache type environment for example, or a database that both can access.
After the array is created you could quickly generate a page that has a form which contains the data in a hidden field. This page could then automatically submit the form (with method="POST") to your redirect.
You could decode the array into JSON and send a link to the second server, which contains the download for the temporary JSON file, just re-decode the JSON file back into PHP and you do not have to use LONG URLs.

How to reset state of DataTable defined with filters or/and search field, with PHP

Working on PHP application, that uses DataTables (https://datatables.net) on several layouts.
Can I somehow reset all DataTable's filters and search data, after end user logged out from application? In other words, to clear all cookies that DataTables library created, if it's possible with PHP functions..
Main idea is to reset application to it's main state after user is logged out from application.
Thank you in advance!
The documentation says: (https://datatables.net/examples/basic_init/state_save.html)
The built in state saving method uses the HTML5 localStorage and
sessionStorage APIs for efficient storage of the data.
It means you cannot reach it with PHP.
However you can change the storage of filter parameters to cookie or server side.
Alternative options of using cookies or saving the state on the server
hrough Ajax can be used through the stateSaveCallback and
stateLoadCallback options.
You should write code which:
- save the filter parameters to cookie what you can remove on logout with PHP
or
- save the filter parameters to database via AJAX and you also can remove it on logout with PHP
example is here:
https://datatables.net/reference/option/stateSaveCallback
In case anyone out there is interested in a solution to this:
As some people rightly pointed out, there's no way to delete localStorage from PHP because PHP works only on the server and localStorage is client-based.
However, a way to achieve what OP wants is make sure that the page shown after logout has the JS needed to delete localStorage. For example, say that after logout, the user gets redirected to comebacksoon.php; what you need is to make sure that in the html of this comebacksoon page, you include:
<script>
localStorage.removeItem(keyYouWantToDelete);
</script>
It should be noted that if the user closes the window before comebacksoon.php is loaded, localStorage won't be deleted, but this approach has worked for me in most cases.

Categories