Page 1 of 1

Splitting sign-up form over several pages

Posted: Wed Mar 30, 2011 5:26 pm
by stubarny1
Hello everyone,

I’m looking to increase my website’s sign up rate by splitting the rather long sign-up form into 3 short forms spread over 3 pages – the user would then fills out each form and progresses to the next (like the linkedin.com sign up process).

Please could you tell me how I should store the variables as my users move from one form to the next, whilst avoiding any hacking vulnerabilities? – I thought of using session variables but someone told me to never store passwords in a session variable? (one of the form fields is for a user to fill in a password).

Thanks for any help you can give!

Stu

Re: Splitting sign-up form over several pages

Posted: Wed Mar 30, 2011 5:49 pm
by pickle
My first thought was - if your signup page is 3 pages long, you should ask less questions. I fight with this with people I work with who want to know everything about interested parties. The fact of the matter is - you probably don't need all the data you're asking for. Of course, I could be wrong.

To answer your actual question, using session variables is definitely the way to go. That "someone" was correct - you should never store plaintext passwords in $_SESSION - nor anywhere else. I assume you're storing hashed passwords? Simply hash the value before you put it in $_SESSION.