A Question about sessions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

A Question about sessions

Postby Tokunbo » Mon Apr 09, 2012 3:38 pm

hello sirs,

Please could you help me out with a session problem.

Like, I have 3pages (page1.php, page2.php, page3.php).

I use sessions between page1 and page2.

Page1 - a user fills up a form
Page2 - the user fills up his contact details, and hits a submit button which processes the data to be sent by email.
Page3 - a thank you page.

Now I discovered that after page3, when I go back to page1, the original data is still there.

I googled on the net and what I understand is the session has to be destroyed. My question is: when is most ideal for the session to be destroyed. For ex: the user is filling up page2 and he remembers something to update on page1, etc

Can I destroy the session on page1 immediately after the user hits the submit button on page3?

How?
Or what better way can the above be professionally handled.

regards
Toks
Tokunbo
Forum Commoner
 
Posts: 46
Joined: Thu Sep 29, 2011 8:53 am

Re: A Question about sessions

Postby Celauran » Mon Apr 09, 2012 3:47 pm

I'm not even sure where or why sessions are coming into play here. If you're just moving around form data, why not just use POST? At any rate, if page3 is just a thank you page and everything has already been submitted, then that seems a suitable place to unset the various session variables.
PHP 5.6 released! August 28, 2014
PSA: PHP 5.3 end of life August 14, 2014.
User avatar
Celauran
Moderator
 
Posts: 3483
Joined: Tue Nov 09, 2010 3:39 pm
Location: Montreal, Canada

Re: A Question about sessions

Postby Tokunbo » Sat Apr 14, 2012 2:31 pm

@Celauran
thanks for the reply.

Are you saying I shoudnt have used sessions.

What I have is this:

A user selects options on a form (pull down menu) and clicks "add to cart". The info is stored into the db using the present SessionID as a reference. When the user is done, he clicks a submit button to go to a form where he can fill up his name, etc. Then hits the submit button. The thank you page now appears.

The only problem is: from the thank you page / any other page on the menu, coming back to the form page still shows the content of the cart. So im thinking since the session is still there and Im using it to reference the previously selected elements in the form, so its displayed.

From the thank you page, ive tried to figure out how I can reset the sessionID of the form index page.

I googled and found the sesssion_regenerate_id() command, however its not compatible with my form, since it posts into itself. This just means I would never be able to display the contents of my cart.

Please advise.
Tokunbo
Forum Commoner
 
Posts: 46
Joined: Thu Sep 29, 2011 8:53 am

Re: A Question about sessions

Postby x_mutatis_mutandis_x » Wed Apr 18, 2012 4:50 pm

Just using 3 pages may not be an ideal solution. See below a pseudo code.

Page1.php:
Syntax: [ Download ] [ Hide ]
<html>
<? if ($_SESSION[page1_error] ) { ?>
<font color=red><? echo $_SESSION[page1_error]; $_SESSION[page1_error] = false;?></font>
<? } ?>
<form name=user_form action=processPage1.php>....</form>...</html>
 


processPage1.php:
Syntax: [ Download ] [ Hide ]
Validate data submitted from Page1.
If valid {
$_SESSION[page1_data] = the data submitted from Page1
$_SESSION[page1_error] = false;
header(Location:Page2.php);
} else {
unset($_SESSION[page1_data]);
$_SESSION[page1_error] = the error message you want to show
header(Location:Page1.php);
}
 


Page2.php:
Syntax: [ Download ] [ Hide ]
if (! isset($_SESSION[page1_data])) {
header(Location:Page1.php);
exit;
}
<html>...
<? if ($_SESSION[page2_error] ) { ?>
<font color=red><? echo $_SESSION[page2_error]; $_SESSION[page2_error] = false;?></font>
<? } ?>
<form name=user_form action=processPage2.php>....</form>...</html>
 


processPage2.php:
Syntax: [ Download ] [ Hide ]
Validate data submitted from Page2.
If valid {
$_SESSION[page2_data] = the data submitted from Page2
$_SESSION[page2_error] = false;
try {
saveToDatabase($_SESSION[page1_data]);
saveToDatabase($_SESSION[page2_data]);
otherBusinessLogic();
} catch (Exception ex) {
$_SESSION[page1_error] = error message you wanna show
header(Location:Page1.php);
exit;
}
header(Location:Page3.php);
} else {
unset($_SESSION[page2_data]);
$_SESSION[page2_error] = the error message you want to show
header(Location:Page2.php);
}
 


Page3.php:
Syntax: [ Download ] [ Hide ]
$sessionData= $_SESSION;
Kill session;
Show fancy html suff (use $sessionData if need to show the sessions data)
 


I have also included error-handling on user end where I may have missed some logic here and there or made some typos, but hopefully you get the basic idea.
Also, you may wanna disable the "submit" button, onclick. This will prevent re-submission from the client/javascript side..

Cheers!
x_mutatis_mutandis_x
Forum Contributor
 
Posts: 160
Joined: Tue Apr 17, 2012 12:57 pm

Re: A Question about sessions

Postby pickle » Wed Apr 18, 2012 5:26 pm

Ya, sessions aren't really necessary here, but since you've already got it set up, there's little sense in starting over.

The best time to clear the session is on page 3. Before then, the user might want to navigate between page 1 & 2 to modify data. On page 3 though, they've already submitted their data, so you no longer need to hold them in $_SESSION.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
pickle
Briney Mod
 
Posts: 6430
Joined: Mon Jan 19, 2004 7:11 pm
Location: 53.01N x 112.48W

Re: A Question about sessions

Postby x_mutatis_mutandis_x » Thu Apr 19, 2012 10:29 am

Sessions is recommended so that you can secure data pertaining to the user while collecting his info until you finish your unitofwork. Otherwise you would have to put up a bunch of hidden parameters on page2 for posts from page1 and in page3 for posts from page2. Avoid using hidden params as much as possible unless you are working with a 3rd party service provider.
x_mutatis_mutandis_x
Forum Contributor
 
Posts: 160
Joined: Tue Apr 17, 2012 12:57 pm


Return to PHP - Code

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 7 guests