Session Variable Problem

Session Variable Problem

am 20.03.2010 19:22:34 von gary

I have this perplexing issue of session varibles getting dropped. It is a 4
page form, the last page being a review page incase the submitter wants to
change any of the information.If you go through the form, all of the
information carries forward, and from the review page if you go back to
edit, it is there, however is you go back to page 2, then to page 1, page
one info is gone.It gets worse in that page 2 sessions drop (more likely
over written) if you go from page 3 to 2.

Each page is started with

session_start();
}

Session varible:

$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);

Calling the session varible to the input field for review

'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>

The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php

Im confused as to why they keep getting dropped and how to stop it.

Hopefully I have given enough information.

Thank you

Gary



__________ Information from ESET Smart Security, version of virus signature database 4961 (20100320) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Session Variable Problem

am 20.03.2010 23:29:43 von Adam Richardson

--0014852f790d24a5d804824300e9
Content-Type: text/plain; charset=ISO-8859-1

On Sat, Mar 20, 2010 at 2:22 PM, Gary wrote:

> I have this perplexing issue of session varibles getting dropped. It is a
> 4
> page form, the last page being a review page incase the submitter wants to
> change any of the information.If you go through the form, all of the
> information carries forward, and from the review page if you go back to
> edit, it is there, however is you go back to page 2, then to page 1, page
> one info is gone.It gets worse in that page 2 sessions drop (more likely
> over written) if you go from page 3 to 2.
>
> Each page is started with
>
> > session_start();
> }
>
> Session varible:
>
> $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
>
> Calling the session varible to the input field for review
>
> > 'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>
>
> The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
>
> Im confused as to why they keep getting dropped and how to stop it.
>
> Hopefully I have given enough information.
>
> Thank you
>
> Gary
>
>
>
> __________ Information from ESET Smart Security, version of virus signature
> database 4961 (20100320) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


Are you checking to see if the post variable is set in the code that handles
saving the form values to session variables? I can't tell if you're doing
this from the code you provided. If not, it's possible that when you are
returning to one of the earlier pages, you're attempting to again save the
form values even though the corresponding $_POST vars are empty. This would
cause visiting page 2 to essentially delete the data previously posted from
page 1.

Using your example:

// Only save if post variable present, which means
if (isset($_POST['lend_fname']))
{
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}

Also, some users will likely click the back button during the process, which
brings up a funky message. You might try building one page that is
dedicated to saving all of the session variables, which then redirects to
the corresponding next page in the process.

Adam

--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com

--0014852f790d24a5d804824300e9--

Re: Session Variable Problem

am 20.03.2010 23:56:55 von gary

Adam

Thank you for your reply.

""Are you checking to see if the post variable is set in the code that
handles saving the form values to session variables? ""

No, I not done anything about the post variable, frankly I thought the
session variable would cover it. I tried your code

if (isset($_POST['lend_fname'])){
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}

And it seems to work fine, the data seems to stay. Is there an easier method
(perhaps putting the post or session variables into an array?

Again thank you for your reply and your solution.

Gary


"Adam Richardson" wrote in message
news:e4d8ea9d1003201529p1ab72baei147549423f5e3979@mail.gmail .com...
> On Sat, Mar 20, 2010 at 2:22 PM, Gary wrote:
>
>> I have this perplexing issue of session varibles getting dropped. It is
>> a
>> 4
>> page form, the last page being a review page incase the submitter wants
>> to
>> change any of the information.If you go through the form, all of the
>> information carries forward, and from the review page if you go back to
>> edit, it is there, however is you go back to page 2, then to page 1, page
>> one info is gone.It gets worse in that page 2 sessions drop (more likely
>> over written) if you go from page 3 to 2.
>>
>> Each page is started with
>>
>> >> session_start();
>> }
>>
>> Session varible:
>>
>> $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
>>
>> Calling the session varible to the input field for review
>>
>> >> 'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>
>>
>> The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
>>
>> Im confused as to why they keep getting dropped and how to stop it.
>>
>> Hopefully I have given enough information.
>>
>> Thank you
>>
>> Gary
>>
>>
>>
>> __________ Information from ESET Smart Security, version of virus
>> signature
>> database 4961 (20100320) __________
>>
>> The message was checked by ESET Smart Security.
>>
>> http://www.eset.com
>>
>>
>>
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
> Are you checking to see if the post variable is set in the code that
> handles
> saving the form values to session variables? I can't tell if you're doing
> this from the code you provided. If not, it's possible that when you are
> returning to one of the earlier pages, you're attempting to again save the
> form values even though the corresponding $_POST vars are empty. This
> would
> cause visiting page 2 to essentially delete the data previously posted
> from
> page 1.
>
> Using your example:
>
> // Only save if post variable present, which means
> if (isset($_POST['lend_fname']))
> {
> $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
> }
>
> Also, some users will likely click the back button during the process,
> which
> brings up a funky message. You might try building one page that is
> dedicated to saving all of the session variables, which then redirects to
> the corresponding next page in the process.
>
> Adam
>
> --
> Nephtali: PHP web framework that functions beautifully
> http://nephtaliproject.com
>
>
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4961 (20100320) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>



__________ Information from ESET Smart Security, version of virus signature database 4961 (20100320) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Session Variable Problem

am 21.03.2010 02:57:05 von Adam Richardson

--0014852eab44b89982048245e53f
Content-Type: text/plain; charset=ISO-8859-1

On Sat, Mar 20, 2010 at 6:56 PM, Gary wrote:

> Adam
>
> Thank you for your reply.
>
> ""Are you checking to see if the post variable is set in the code that
> handles saving the form values to session variables? ""
>
> No, I not done anything about the post variable, frankly I thought the
> session variable would cover it. I tried your code
>
> if (isset($_POST['lend_fname'])){
> $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
> }
>
> And it seems to work fine, the data seems to stay. Is there an easier
> method
> (perhaps putting the post or session variables into an array?
>
> Again thank you for your reply and your solution.
>
> Gary
>
>
> "Adam Richardson" wrote in message
> news:e4d8ea9d1003201529p1ab72baei147549423f5e3979@mail.gmail .com...
> > On Sat, Mar 20, 2010 at 2:22 PM, Gary wrote:
> >
> >> I have this perplexing issue of session varibles getting dropped. It is
> >> a
> >> 4
> >> page form, the last page being a review page incase the submitter wants
> >> to
> >> change any of the information.If you go through the form, all of the
> >> information carries forward, and from the review page if you go back to
> >> edit, it is there, however is you go back to page 2, then to page 1,
> page
> >> one info is gone.It gets worse in that page 2 sessions drop (more likely
> >> over written) if you go from page 3 to 2.
> >>
> >> Each page is started with
> >>
> >> > >> session_start();
> >> }
> >>
> >> Session varible:
> >>
> >> $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
> >>
> >> Calling the session varible to the input field for review
> >>
> >> > >> 'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>
> >>
> >> The page starts at
> http://www.paulgdesigns.com/one2one/lend_bor_input.php
> >>
> >> Im confused as to why they keep getting dropped and how to stop it.
> >>
> >> Hopefully I have given enough information.
> >>
> >> Thank you
> >>
> >> Gary
> >>
> >>
> >>
> >> __________ Information from ESET Smart Security, version of virus
> >> signature
> >> database 4961 (20100320) __________
> >>
> >> The message was checked by ESET Smart Security.
> >>
> >> http://www.eset.com
> >>
> >>
> >>
> >>
> >>
> >> --
> >> PHP General Mailing List (http://www.php.net/)
> >> To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >>
> >
> >
> > Are you checking to see if the post variable is set in the code that
> > handles
> > saving the form values to session variables? I can't tell if you're
> doing
> > this from the code you provided. If not, it's possible that when you are
> > returning to one of the earlier pages, you're attempting to again save
> the
> > form values even though the corresponding $_POST vars are empty. This
> > would
> > cause visiting page 2 to essentially delete the data previously posted
> > from
> > page 1.
> >
> > Using your example:
> >
> > // Only save if post variable present, which means
> > if (isset($_POST['lend_fname']))
> > {
> > $_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
> > }
> >
> > Also, some users will likely click the back button during the process,
> > which
> > brings up a funky message. You might try building one page that is
> > dedicated to saving all of the session variables, which then redirects to
> > the corresponding next page in the process.
> >
> > Adam
> >
> > --
> > Nephtali: PHP web framework that functions beautifully
> > http://nephtaliproject.com
> >
> >
> >
> > __________ Information from ESET Smart Security, version of virus
> > signature database 4961 (20100320) __________
> >
> > The message was checked by ESET Smart Security.
> >
> > http://www.eset.com
> >
> >
>
>
>
> __________ Information from ESET Smart Security, version of virus signature
> database 4961 (20100320) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
The session variables store what you tell them to store. The way your pages
were set up, it sounds like you always called the code that set the session
variable, even if the session variable was already set and even if there
were no POST variables sent.

People often do use sessions to preserve the state of a form's fields if the
form has multiple pages, just as you are doing. In this type of situation
someone can be visiting a page to 1) submit new data (POST data is present
such as when somebody clicks on the submit button in the previous page), or
2) review the data they've already entered (no POST data present, such as
when somebody uses the navigation on your page.) You have to check to see
which of the two possible types of page requests is occurring.

Using the code you have, you can probably just wrap the code that you have
that sets the session variables in an if block that checks for one of the
post variables you're expecting.

I'd recommend reading a tutorial or two on how PHP sessions work, such as
the following:
http://php.about.com/od/advancedphp/ss/php_sessions.htm

Adam

--
Nephtali: PHP web framework that functions beautifully
http://nephtaliproject.com

--0014852eab44b89982048245e53f--

Re: Session Variable Problem

am 21.03.2010 13:48:21 von TedD

At 2:22 PM -0400 3/20/10, Gary wrote:
>I have this perplexing issue of session varibles getting dropped. It is a 4
>page form, the last page being a review page incase the submitter wants to
>change any of the information.If you go through the form, all of the
>information carries forward, and from the review page if you go back to
>edit, it is there, however is you go back to page 2, then to page 1, page
>one info is gone.It gets worse in that page 2 sessions drop (more likely
>over written) if you go from page 3 to 2.
>
>Each page is started with
>
> > session_start();
> }
>
>Session varible:
>
>$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
>
>Calling the session varible to the input field for review
>
> >'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>
>
>The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
>
>Im confused as to why they keep getting dropped and how to stop it.
>
>Hopefully I have given enough information.
>
>Thank you
>
>Gary

Gary:

I think I know what the problem is. When you revisit previous pages,
you write over the previous data from an empty $_POST. Here's a way
to stop that.


if (isset($_POST ['lend_fname'])
{
$_SESSION['lend_fname'] = $_POST['lend_fname'];
}

As far as using strip_slashes() and htmlentities() I wait until I am
going to use the variables in some manner and then clean/scrub them
all at one time. That makes the process simpler for me -- plus I can
then keep all my security checks in one location.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Session Variable Problem

am 21.03.2010 15:14:08 von gary

Thanks again for all the help, however the plot thickens.

I have put:

session_start();
}
if (isset($_POST['lend_fname'])){
$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']);
}
if (isset($_POST['lend_lname'])){
$_SESSION['lend_lname']=stripslashes($_POST['lend_lname']);
}
if (isset($_POST['lend_street'])){
$_SESSION['lend_street']=stripslashes($_POST['lend_street']) ;
}
if (isset($_POST['lend_city'])){
$_SESSION['lend_city']=stripslashes($_POST['lend_city']);
}
if (isset($_POST['lend_state'])){
$_SESSION['lend_state']=stripslashes($_POST['lend_state']);
}
if (isset($_POST['lend_lname'])){
$_SESSION['lend_zip']=stripslashes($_POST['lend_zip']);
}
if (isset($_POST['lend_email'])){
$_SESSION['lend_email']=stripslashes($_POST['lend_email']);
}
if (isset($_POST['lend_phone'])){
$_SESSION['lend_phone']=stripslashes($_POST['lend_phone']);
}

?>

On the first page, Now what happens is it only sticks to the first two
(lend_fname and lend_lname), the others still get lost. Any idea how or why
the exact code works differently?

Thanks Again.

gary




"tedd" wrote in message
news:p06240800c7cbc092762b@[192.168.1.102]...
> At 2:22 PM -0400 3/20/10, Gary wrote:
>>I have this perplexing issue of session varibles getting dropped. It is a
>>4
>>page form, the last page being a review page incase the submitter wants to
>>change any of the information.If you go through the form, all of the
>>information carries forward, and from the review page if you go back to
>>edit, it is there, however is you go back to page 2, then to page 1, page
>>one info is gone.It gets worse in that page 2 sessions drop (more likely
>>over written) if you go from page 3 to 2.
>>
>>Each page is started with
>>
>> >> session_start();
>> }
>>
>>Session varible:
>>
>>$_SESSION['lend_fname']=stripslashes($_POST['lend_fname']) ;
>>
>>Calling the session varible to the input field for review
>>
>> >>'value="'.htmlentities($_SESSION['lend_fname']).'"';}?>
>>
>>The page starts at http://www.paulgdesigns.com/one2one/lend_bor_input.php
>>
>>Im confused as to why they keep getting dropped and how to stop it.
>>
>>Hopefully I have given enough information.
>>
>>Thank you
>>
>>Gary
>
> Gary:
>
> I think I know what the problem is. When you revisit previous pages, you
> write over the previous data from an empty $_POST. Here's a way to stop
> that.
>
> >
> if (isset($_POST ['lend_fname'])
> {
> $_SESSION['lend_fname'] = $_POST['lend_fname'];
> }
>
> As far as using strip_slashes() and htmlentities() I wait until I am going
> to use the variables in some manner and then clean/scrub them all at one
> time. That makes the process simpler for me -- plus I can then keep all my
> security checks in one location.
>
> Cheers,
>
> tedd
>
> --
> -------
> http://sperling.com http://ancientstones.com http://earthstones.com
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4962 (20100321) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>



__________ Information from ESET Smart Security, version of virus signature database 4962 (20100321) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Session Variable Problem

am 21.03.2010 16:26:17 von TedD

At 10:14 AM -0400 3/21/10, Gary wrote:
>Thanks again for all the help, however the plot thickens.

Gary :

It doesn't have to thicken. Here's an example of using $_SESSION that
works and you can have as many fields as you want:

http://www.webbytedd.com/aa/step-form-sessions/index.php

All the code is there. Plus, it will give you a way to go from page
to page without leaving the gathering page.

Cheers,

tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Session Variable Problem

am 22.03.2010 16:51:11 von gary

tedd

Please accept my apologies for not thanking you sooner, I am going over you
code and learning great stuff.

Again, thank you. And thank you to Adam as well.

gary



"tedd" wrote in message
news:p06240804c7cbe9aa17c6@[192.168.1.102]...
> At 10:14 AM -0400 3/21/10, Gary wrote:
>>Thanks again for all the help, however the plot thickens.
>
> Gary :
>
> It doesn't have to thicken. Here's an example of using $_SESSION that
> works and you can have as many fields as you want:
>
> http://www.webbytedd.com/aa/step-form-sessions/index.php
>
> All the code is there. Plus, it will give you a way to go from page to
> page without leaving the gathering page.
>
> Cheers,
>
> tedd
> --
> -------
> http://sperling.com http://ancientstones.com http://earthstones.com
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4962 (20100321) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>



__________ Information from ESET Smart Security, version of virus signature database 4965 (20100322) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php