Navigation / Backbone script for a web app.
Moderator: General Moderators
-
jeffrydell
- Forum Commoner
- Posts: 77
- Joined: Thu Jan 17, 2008 4:39 pm
- Location: Menasha, WI
Navigation / Backbone script for a web app.
I'm a self-taught php 'scripter' who can't get his head around OOP. I feel like the train has left the station. That said, I hope you can offer me some ideas on how to accomplish the task before me.
I'm offering a web based service that accepts registrations ... the usual name, address, phone etc., then a lot of very specific information relating to the games an individual likes to play and what level they are at.
The process takes 13 forms from start to finish, more if they want to enter and event multiple times (loops back through 6 or 7 steps).
Basically each step has a script which looks up default values in the MySQL db, if none exist it places blanks in a $_SESSION array then places the form on the screen. A processing script validates the $_POST values and either throws an error message (going back to the same form) or stores everything in an Array, then sends the user on to the next step where it all starts over.
My issue is with controlling the 'flow'. Getting the user reliably from one step to another. I can handle just about anything when the user clicks on the controls I provide, but when they start navigating via their browser's buttons or History ... stuff falls apart really quickly.
What to do? I need to learn the best way to structure a multi-form 'interview process' - but don't know what I need to learn. Alternatively, is there a feature-rich developement tool which doesn't take 6 months to learn (I know that's an oxymoron) which might help me build a backbone script to tie this all together ... OR ... is there someone here who would be willing to mentor me and work with me to develop this application clean & tight? I'd be willing to pay for that.
Any input you can provide would be GREATLY appreciated. I've been at this for 9 months and have a lot of good pieces in place ... just need to tie those pieces all together. Thanks in advance for your help.
Jeff
I'm offering a web based service that accepts registrations ... the usual name, address, phone etc., then a lot of very specific information relating to the games an individual likes to play and what level they are at.
The process takes 13 forms from start to finish, more if they want to enter and event multiple times (loops back through 6 or 7 steps).
Basically each step has a script which looks up default values in the MySQL db, if none exist it places blanks in a $_SESSION array then places the form on the screen. A processing script validates the $_POST values and either throws an error message (going back to the same form) or stores everything in an Array, then sends the user on to the next step where it all starts over.
My issue is with controlling the 'flow'. Getting the user reliably from one step to another. I can handle just about anything when the user clicks on the controls I provide, but when they start navigating via their browser's buttons or History ... stuff falls apart really quickly.
What to do? I need to learn the best way to structure a multi-form 'interview process' - but don't know what I need to learn. Alternatively, is there a feature-rich developement tool which doesn't take 6 months to learn (I know that's an oxymoron) which might help me build a backbone script to tie this all together ... OR ... is there someone here who would be willing to mentor me and work with me to develop this application clean & tight? I'd be willing to pay for that.
Any input you can provide would be GREATLY appreciated. I've been at this for 9 months and have a lot of good pieces in place ... just need to tie those pieces all together. Thanks in advance for your help.
Jeff
Re: Navigation / Backbone script for a web app.
Maybe there's some helpful info in this article.
Re: Navigation / Backbone script for a web app.
I would use a serialized state variable passed by POST ... Thus the user will have real "back-forward" navigation which is hard to achieve when using session variables.
To ensure that the user hasn't changed anything after the validation step use a HMAC field.
To ensure that the user hasn't changed anything after the validation step use a HMAC field.
There are 10 types of people in this world, those who understand binary and those who don't
-
jeffrydell
- Forum Commoner
- Posts: 77
- Joined: Thu Jan 17, 2008 4:39 pm
- Location: Menasha, WI
Re: Navigation / Backbone script for a web app.
Extremely well written and helpful. I'm not sure I grasp all the concepts yet - but certainly a step in the right direction.matthijs wrote:Maybe there's some helpful info in this article.
Thanks!
-
jeffrydell
- Forum Commoner
- Posts: 77
- Joined: Thu Jan 17, 2008 4:39 pm
- Location: Menasha, WI
Re: Navigation / Backbone script for a web app.
[quote="VladSun"]I would use a serialized state variable passed by POST
VladSun,
Thanks for the reply!
You used a couple of terms that are way beyond me here, so I'm going to try to clarify.
My guess is that a serialized state variable would be something like <input type="hidden" name="step" value="3"> included in the third form?
I Googled HMAC field and found many references to it, but no explanation of what it is. Would you please shed some light on that?
Jeff
VladSun,
Thanks for the reply!
You used a couple of terms that are way beyond me here, so I'm going to try to clarify.
My guess is that a serialized state variable would be something like <input type="hidden" name="step" value="3"> included in the third form?
I Googled HMAC field and found many references to it, but no explanation of what it is. Would you please shed some light on that?
Jeff
Re: Navigation / Backbone script for a web app.
Every step (except the first one) of the wizard has this code in:
hmac function:
It's much better to have a State class with all the methods you need (hmac, import, export, SQL_save etc.), but you can use simply an array for the state variable.
HMAC simply makes a "fingerprint" of your data by using a secret key - so if someone modifies it the fingerprints would not match and you will know there is something wrong.
PS: Another issue solved by using $state is that you have all the data you need before any SQL insert operations.
Code: Select all
$my_secret_key = 'jdnf89fjashfastaehfdbsgf8aes';
if (hmac($_POST['state'], $my_secret_key) !== $_POST['hmac']) die ('Hacking attempt!');
$state = unserialize(base64_decode($_POST['state']));
.......
-> validation of $_POST
........
$state['field_name1'] = $_POST['field_name1'];
$state['field_name2'] = $_POST['field_name2'];
........
<form action='next_step.php' method='post'>
<input type='hidden' name='state' value='". base64_encode(serialize($state))) ."'>
<input type='hidden' name='hmac' value='". hmac(base64_encode(serialize($state)), $my_secret_key) ."'>
Code: Select all
function hmac($data, $passwd, $algo = 'sha1')
{
/* md5 and sha1 only */
$algo = strtolower($algo);
$p = array('md5'=>'H32','sha1'=>'H40');
if(strlen($passwd) > 64) $passwd=pack($p[$algo], $algo($passwd));
if(strlen($passwd) < 64) $passwd=str_pad($passwd, 64, chr(0));
$ipad = substr($passwd, 0, 64) ^ str_repeat(chr(0x36), 64);
$opad = substr($passwd, 0, 64) ^ str_repeat(chr(0x5C), 64);
return($algo($opad.pack($p[$algo], $algo($ipad.$data))));
}HMAC simply makes a "fingerprint" of your data by using a secret key - so if someone modifies it the fingerprints would not match and you will know there is something wrong.
PS: Another issue solved by using $state is that you have all the data you need before any SQL insert operations.
Last edited by VladSun on Fri Jan 18, 2008 8:36 am, edited 4 times in total.
There are 10 types of people in this world, those who understand binary and those who don't
-
jeffrydell
- Forum Commoner
- Posts: 77
- Joined: Thu Jan 17, 2008 4:39 pm
- Location: Menasha, WI
Re: Navigation / Backbone script for a web app.
Yeah, like I said at the start of my original post ...
I'm a self-taught php 'scripter' who can't get his head around OOP.
I'm simply not at the level of understanding to be able to grasp what you apparently use on a very fluent and regular basis. I've made it past echo 'Hello World!'; but I'm not quite up to being able to understand / use / develop around the code you've posted.
I'm sure it would work quite well and thank you for your time ... It's just more than I can handle.
I'm a self-taught php 'scripter' who can't get his head around OOP.
I'm simply not at the level of understanding to be able to grasp what you apparently use on a very fluent and regular basis. I've made it past echo 'Hello World!'; but I'm not quite up to being able to understand / use / develop around the code you've posted.
I'm sure it would work quite well and thank you for your time ... It's just more than I can handle.
Re: Navigation / Backbone script for a web app.
It's not so hard - try itjeffrydell wrote:I'm sure it would work quite well and thank you for your time ... It's just more than I can handle.
PS: I've edited the script above - there was an error in it
There are 10 types of people in this world, those who understand binary and those who don't