Hello everyone,
I’m looking to increase my website’s sign up rate by splitting the rather long sign-up form into 3 short forms spread over 3 pages – the user would then fills out each form and progresses to the next (like the linkedin.com sign up process).
Please could you tell me how I should store the variables as my users move from one form to the next, whilst avoiding any hacking vulnerabilities? – I thought of using session variables but someone told me to never store passwords in a session variable? (one of the form fields is for a user to fill in a password).
Thanks for any help you can give!
Stu
Splitting sign-up form over several pages
Moderator: General Moderators
Re: Splitting sign-up form over several pages
My first thought was - if your signup page is 3 pages long, you should ask less questions. I fight with this with people I work with who want to know everything about interested parties. The fact of the matter is - you probably don't need all the data you're asking for. Of course, I could be wrong.
To answer your actual question, using session variables is definitely the way to go. That "someone" was correct - you should never store plaintext passwords in $_SESSION - nor anywhere else. I assume you're storing hashed passwords? Simply hash the value before you put it in $_SESSION.
To answer your actual question, using session variables is definitely the way to go. That "someone" was correct - you should never store plaintext passwords in $_SESSION - nor anywhere else. I assume you're storing hashed passwords? Simply hash the value before you put it in $_SESSION.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.