Page 1 of 1
Storing Information
Posted: Tue Mar 15, 2005 7:54 pm
by xfusion
Hey,
I'm about intermediate level in javascript and PHP, what I can't quite figure out though is how to store information to be used later. Here's what I'd like to do:
Have a user come to a page where they're presented with a menu. From this menu they will be able to select as many options as they'd like. What I need to be able to do is save all the information somewhere, so that when they proceed to have the information processed it'll all be there. I'd like to do this, if at all possible without forms, maybe having all the info saved automatically to a .txt, or a database.
-Kevin a.k.a xfusion
Re: Storing Information *CHECK IT OUT*
Posted: Tue Mar 15, 2005 7:58 pm
by hongco
xfusion wrote:Hey,
I'm about intermediate level in javascript and PHP, what I can't quite figure out though is how to store information to be used later.
-Kevin a.k.a xfusion
have you tried to use session?
Posted: Tue Mar 15, 2005 8:00 pm
by Ambush Commander
Well, theoretically, anything that uses dropdown lists can be achieved without forms, but if you want them to, say, type in their name, you'll need a form.
Now, there's several ways you can go about storing information, and it all depends on WHAT you're storing. Easiest way is to stick all the information in an array and serialize it.
Code: Select all
<?php
$option['lightbulb'] = true;
$option['alligatorcolor'] = "red";
$option['age'] = 23;
$option['bgcolor']="#FFF";
$dump = serialize($option);
$dump now contains a string that can be written to a file. If you unserialize dump:
You get the exact same array as you had before. You can use this to a snowball effect: storing the serialize in perhaps $_SESSION, adding values to it in a Wizard interface without polluting your HTML with loads of <input type="hidden">s.
There should be some tutorial on this. Seriously. Try searching the web. I probably gave you the least efficient way for handling this.
Posted: Tue Mar 15, 2005 9:10 pm
by xfusion
I may be able to refine those methods.
Thanks for your help
Posted: Tue Mar 15, 2005 10:41 pm
by Burrito
I have a new found (new to me anyway) technolgy that would allow you to write this info to a db w/o refreshing the page or sending the user to an intermediate page when they make a selection.
xmlhttp. It's a javascript object that can pass data back and forth to your web page from the server w/o reloading the page.
do a google for xmlhttp and you'll find loads of information and if you need any help with it, lemme know and I can hook you up.
Burr
Posted: Wed Mar 16, 2005 12:25 am
by Supremacy
Burrito wrote:I have a new found (new to me anyway) technolgy that would allow you to write this info to a db w/o refreshing the page or sending the user to an intermediate page when they make a selection.
xmlhttp. It's a javascript object that can pass data back and forth to your web page from the server w/o reloading the page.
do a google for xmlhttp and you'll find loads of information and if you need any help with it, lemme know and I can hook you up.
Burr
http://www.webopedia.com/TERM/X/XMLHTTP.html - writes:
Short for Extensible Markup Language Hypertext Transfer Protocol, a set of APIs that enables XML, HTML or binary data to be transmitted to and from Web servers over the Internet using HTTP. An advantage of XMLHTTP is that when files that are ASPs or CGI programs are queried from the server, the XMLHTTP object continuously queries the server transparently to retrieve the latest information without the user having to repeatedly refresh the browser. XMLHTTP enables streamed content through DHMTL rather than ActiveX controls or Java applets
Aint that message in the wrong board then??
And microsoft writes of some security exploites ect.
http://www.microsoft.com/technet/securi ... 2-008.mspx
look under "+Technical details"
Posted: Wed Mar 16, 2005 9:55 am
by Burrito
Aint that message in the wrong board then??
Not really, it would do exactly what he wants to do, only it would save it to a database rather than keeping all of the information in a session, which would ultimately die with that session expiration (unless he's storing it to a file or some such (or db sessions))
I checked on your vulnerability link:
An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.
the likelyhood of that happening probably isnt' too high. I'm not ruling it out as a possibility, but a slim one no doubt. I also don't think this would have any bearing on his incorporating it to his web site...
Burr
Posted: Wed Mar 16, 2005 7:59 pm
by xfusion
Thx for the suggestion Burrito, and thanks for the followup Supremacy this is exactly what I was looking for. If a hacker wants to see the information, it wouldn't matter because it won't be sensitive data being sent through this method.
thanks again
-Kevin
Posted: Wed Mar 16, 2005 8:48 pm
by Burrito
let me know if you need any help with it or code samples.
Burr