Clear post data with session - advice needed!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
mjsw
Forum Newbie
Posts: 10
Joined: Fri Jul 09, 2010 9:18 am

Clear post data with session - advice needed!

Post by mjsw »

Hi,

currently I'm working on my own e-commerce platform and I want to design it perfectly. The part I'm not satisfied with now, is how the data is send to server when administrator edit something in his admin panel. As we all know, there are two options to choose from here: post and get methods. Now, for all CRUD operations (updates, inserts, deletes) I use POST since it allows more data to be send and keeps my urls clean. The part I can't accept is the lack of refresh support, I mean the annoying popup that must apear asking wheater you want the data to be send again or not on each refresh attempt after the post data was sent. This made me wonder if there is a method to skip this behavior and I've came up to something like this:

Code: Select all

			
if(isset($_POST['save']))
{
	//save post data to db here
	$_SESSION['save']=1; //let's say 1 means that the save operation was succesfull
	header("Location: ".$_SERVER['REQUEST_URI']);
	exit;
}
if(isset($_SESSION['save']))
{
	$save=$_SESSION['save'];
	unset($_SESSION['save']);
}
if($save==1)
{
//print the message to the user
}
As you see, all I'm doing here is redirecting the page to itself after the post data was utilized, so the post data get lost. The message for the user is being stored in a session and is displayed to him only once - just after the save. Then the session is being unset and the message won't apear on next page refresh. This is just a sample, I use this mechanism in more situations.

Before I implement this mechanism in my whole application, I wanted to ask if anyone finds this method wrong/dangerous or have better suggestion? I must admit that I'm pretty happy with how it's working, even though the additional request is made every time, and that the redirection can be seen in some cases (slower page load), but I can't see any other weakneses. Does anyone see any holes in my code?

Thanks in advance...
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: Clear post data with session - advice needed!

Post by Darhazer »

This is the correct way to do it, only you can encapsulate it better. And actually you can set 'message', so you can reuse both for sucessful and error messages.

Additionnaly, in the code sample (I know it's just a sample) the $save variable could be undefined one, if $_SESSION['save'] is not set
mjsw
Forum Newbie
Posts: 10
Joined: Fri Jul 09, 2010 9:18 am

Re: Clear post data with session - advice needed!

Post by mjsw »

Darhazer wrote:This is the correct way to do it, only you can encapsulate it better. And actually you can set 'message', so you can reuse both for sucessful and error messages.

Additionnaly, in the code sample (I know it's just a sample) the $save variable could be undefined one, if $_SESSION['save'] is not set
OK, thanks for your comments, I will implement this then in my system. If anyone see anything that can possibly go wrong in that code, please let me know, thanks :)
Post Reply