sending/holding data

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
calintuns
Forum Newbie
Posts: 3
Joined: Thu Mar 16, 2006 7:11 pm

sending/holding data

Post by calintuns »

I have a problem ... :D
Basicaly, I am getting data from a form and I'm showing the user the data he/she has inputed. Now, the next step is to save that data into a MySql database. So, I have my FORM file -> my SHOW file(in PHP) -> WRITE to database file(also in PHP).

OK !!! My question : How do I get the data from the FORM file to the WRITE file?

Any answer will be greatly appreciated. Tks a lot...
cali
LiveFree
Forum Contributor
Posts: 258
Joined: Tue Dec 06, 2005 5:34 pm
Location: W-Town

Post by LiveFree »

Two options:

a) Store the Data in $_SESSION[' '] arrays from page to page with session_start() at the top of each page before any output

b) Set the form's action as the write page and access the input with $_POST[' ']
User avatar
a94060
Forum Regular
Posts: 543
Joined: Fri Feb 10, 2006 4:53 pm

Post by a94060 »

second one seems more logical so because the same data is not going to multiple pages besides the action and form right?
calintuns
Forum Newbie
Posts: 3
Joined: Thu Mar 16, 2006 7:11 pm

Post by calintuns »

thanks for your answers but let me put it in another way:

I have 1 HTML and 2 PHP files.

The form is in my HTML file and is processed by the first PHP files. The result of this file is an overview of the inputed data. In this file (the first PHP file) I have another form that consits of two buttons, an edit button if the user does not agree with what he/she inputed earlier and an OK button that should take the action to the third PHP file that writes the data to my database.

I've tried with both $_SESSION and $_POST arrays, but something is not right. Can't I read these arrays anywhere in my site once they are declared?


cali
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

sessions and cookies are the only real ways of transmitting the same data across multiple pages. If you didn't call session_start() on all the pages where sessions would be used (and any inbetween) they may get lost. Even then, the data may be cleared by the server if it has an over zealous cleaning routine.
tomprogers
Forum Commoner
Posts: 50
Joined: Fri Mar 17, 2006 5:17 pm
Location: Minnesota
Contact:

Proper Data Handling Across Multiple Pages

Post by tomprogers »

Tucker wrote:Two options:

a) Store the Data in $_SESSION[' '] arrays from page to page with session_start() at the top of each page before any output

b) Set the form's action as the write page and access the input with $_POST[' ']
This is incorrect.

Option A opens a huge can of worms that you do not want to deal with.
  • What happens if a piece of form data has the same name as a piece of data that legitimately belongs in the session, such as Username? Suppose you are writing an admin application, and the admin is editing a user's privileges. When the changes are displayed back at the admin (before making them permanent, as in your situation), the Username from the form will overwrite the Username from the session. Likely, this will actually prevent the admin from committing the changes (because the system will think he/she is a regular user). Super-bad.
  • Also, assuming you take great care to prevent that from happening, that means that every time a user steps through your pages, their session will assume the work of managing all that data. This data will accumulate in the session, with each form that each user visits adding more useless junk that the server must track in memory. If you have many users, this will bog down your server with information it should have forgotten about several pages ago.
Option B obviously doesn't satisfy your need to have an intermediate "verification" page.

The correct procedure is to pass all the data from the verification page to the save page via hidden fields on the verification page. This process is most easily done by combining all three chunks of code in a single file, like so.

edituser.php

Code: Select all

// determine which part of the process to execute based on the buttons that have been pushed (if any)
if(isset($_POST['save']))
{
   // save to the database
   pg_query($db, $SQL);
   print('<p>Great news, ' . $_POST['username'] . ' &ndash; your account has been created.</p>');
}
else
if(isset($_POST['preview']))
{
   print('<p>Your username will be <strong>' . $_POST['username'] . '</strong>. Is this correct?</p>');
   
   print <<<END
<form action="{$PHP_SELF}" method="post">
<input type="hidden" name="username" value="
END;
   print(htmlspecialchars($_POST['username']));
   print <<<END
" />
<input type="submit" name="back" value="< Edit" />
<input type="submit" name="save" value="Save" />
</form>
END;
}
else
{
   print <<<END
<form action="{$PHP_SELF}" method="post">
<input type="text" name="username" value="{$_POST['username']}" />
<input type="submit" name="preview" value="Next >" />
</form>
END;
}
If you need this process to span multiple files, you can have them all post to the same "hub" file, and use the same if/elseif/else structure to include the appropriate file for each page view, but a single file is easier to manage, especially since you have high coupling between the three.[/list]
calintuns
Forum Newbie
Posts: 3
Joined: Thu Mar 16, 2006 7:11 pm

Post by calintuns »

being new to PHP this is a little too mmuch, but i will try to understand it and i'll surelly put it to good use :)

Thanks my friends ;)
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Re: Proper Data Handling Across Multiple Pages

Post by RobertGonzalez »

tomprogers wrote:
Tucker wrote:a) Store the Data in $_SESSION[' '] arrays from page to page with session_start() at the top of each page before any output
This is incorrect.

Option A opens a huge can of worms that you do not want to deal with.
  • What happens if a piece of form data has the same name as a piece of data that legitimately belongs in the session, such as Username? Suppose you are writing an admin application, and the admin is editing a user's privileges. When the changes are displayed back at the admin (before making them permanent, as in your situation), the Username from the form will overwrite the Username from the session. Likely, this will actually prevent the admin from committing the changes (because the system will think he/she is a regular user). Super-bad.
How will a POST var overwrite a SESSION var without being told to do so? The session var doesn't exist until you tell it to be born. Then it stays the same (provided you use session_start() on each page) until you change it or unset it. The only time the two would conflict is if register globals is on, and if there is anything that this forum will teach you it is, TURN REGISTER GLOBALS OFF. That being said, $_SESSION['Username'] will not be the same as $_POST['Username'] until you set $_SESSION['Username'] equal to $_POST['Username'].

Correct me if I am wrong.
tomprogers
Forum Commoner
Posts: 50
Joined: Fri Mar 17, 2006 5:17 pm
Location: Minnesota
Contact:

Re: Proper Data Handling Across Multiple Pages

Post by tomprogers »

Everah wrote:That being said, $_SESSION['Username'] will not be the same as $_POST['Username'] until you set $_SESSION['Username'] equal to $_POST['Username'].

Correct me if I am wrong.
You are not wrong. My interpretation of Tucker's option A was that cal should, on each page load, run a loop that copies $_POST vars to the $_SESSION, to make it easier to pass data from page to page. Which is, as you mention, a bad idea.

Sorry for any ambiguity.
Post Reply