Jump to content


Photo

Destroy sessions upon leaving page, but not refreshing


Best Answer davidannis, 18 October 2013 - 09:06 PM

Two possible solutions. One (and I'm not sure this would work though I think it should) - use javascript to make the submit button fire off an AJAX request to a script that destroys the session.

 

Two - and this is how I would handle it. Use Paypal's payment data transfer (PDT) to send back information about the payment and clear the sessions variables ONLY IF the payment succeeded. If the payment fails you can direct them to a page that lets them try again.

Go to the full post


  • Please log in to reply
8 replies to this topic

#1 ash992

ash992

    Advanced Member

  • Members
  • PipPipPip
  • 56 posts

Posted 18 October 2013 - 08:28 PM

Hi guys, I'm just trying to create a page in which I want to destroy all of the session variables upon leaving the page (Via a form being submitted), however if someone hits the refresh button I don't want the sessions to be destroyed.

 

I unfortunately can't just destroy the sessions upon getting to the form action location as that's not on my site.

 

So I understand that 

session_destroy();

will destroy them all when I leave the page, however this will also destroy them when I refresh the page, does anyone know if this is even possible to do with php? because I really don't have a clue where to go here... 

 

Thanks very much in advance,

any help is much' appreciated! 



#2 mac_gyver

mac_gyver

    Advanced Member

  • Administrators
  • 2,233 posts

Posted 18 October 2013 - 08:42 PM

i think this is probably a case where describing the overall goal/purpose would help. what are you trying to accomplish or prevent by doing this?


multi-purpose programming fool and resident naysayer [We try not be negative in replies, but telling someone what they're doing wrong, while staying politically correct, isn't always going to happen.]

#3 ash992

ash992

    Advanced Member

  • Members
  • PipPipPip
  • 56 posts

Posted 18 October 2013 - 08:49 PM

basically I'm trying to setup a shop in php, so on a previous page you have to enter all of your details about your address, this page just shows you all of those details before you pay, the form is a payment button created by paypal.

 

it's important to destroy the variables as if someone visits the website after making a purchase I don't want things like the basket to still say that it has items inside of it, however if someone is to refresh the page for whatever reason before they press pay now on the page that shows their detials they'll loose all of the information they have entered, and the items they had inside of their basket. 

 

hope that helped, thanks very much for the fast reply :) 



#4 davidannis

davidannis

    Freak Dr.

  • Members
  • PipPipPip
  • 563 posts
  • LocationOkemos, MI USA

Posted 18 October 2013 - 09:06 PM   Best Answer

Two possible solutions. One (and I'm not sure this would work though I think it should) - use javascript to make the submit button fire off an AJAX request to a script that destroys the session.

 

Two - and this is how I would handle it. Use Paypal's payment data transfer (PDT) to send back information about the payment and clear the sessions variables ONLY IF the payment succeeded. If the payment fails you can direct them to a page that lets them try again.



#5 mac_gyver

mac_gyver

    Advanced Member

  • Administrators
  • 2,233 posts

Posted 18 October 2013 - 09:07 PM

you should store the cart contents in a database, so that you have a record of what is in a potential order to compare against what you receive back from paypal.

 

just because a visitor reaches the 'review' page, doesn't mean they ever submit the form on that page or complete the payment process once they are on the paypal site. you should persistently 'remember' the cart/order with a status value that indicates it reached the review step, along with the current date/time. you should then use the IPN information you get back from paypal to conform that the order was completed and the correct payment amount was processed. you would change the status value stored with the order to indicate it is an actual order and has been paid for. for orders that are never completed, you would delete them from the database a reasonable amount of time after the date/time they were stored.


multi-purpose programming fool and resident naysayer [We try not be negative in replies, but telling someone what they're doing wrong, while staying politically correct, isn't always going to happen.]

#6 ash992

ash992

    Advanced Member

  • Members
  • PipPipPip
  • 56 posts

Posted 18 October 2013 - 10:30 PM

Thanks for the replies guys :) very useful, and I understand that by people reaching the review page doesn't mean they're ordered, but I've just set it to store their order and details including what they've ordered, quantity, price, address etc in a database that also stores their email, so if I get that entry into my database followed by a paypal payment then I know to send them a package because I've received the money :) 

 

and I'd never actually heard of the PDT thing from paypal before but this is exactly what I was looking for :D thank-you both very much for your help :) 

 

Have a nice day 



#7 vinny42

vinny42

    Advanced Member

  • Members
  • PipPipPip
  • 414 posts

Posted 19 October 2013 - 02:27 AM

Also: don't use session_destroy() when all you want to do is empty the cart. Just emty the sessionvariable that contains the cart.

 

Why: because the session may/should contain much more than just the cart, like the user's address (so he doesn't have to type it twice if he makes two orders, or cancels his first order an re-orders immediately)

 

Never destroy, fix!



#8 davidannis

davidannis

    Freak Dr.

  • Members
  • PipPipPip
  • 563 posts
  • LocationOkemos, MI USA

Posted 19 October 2013 - 08:51 AM

you should then use the IPN information you get back from paypal to conform that the order was completed and the correct payment amount was processed. you would change the status value stored with the order to indicate it is an actual order and has been paid for. for orders that are never completed, you would delete them from the database a reasonable amount of time after the date/time they were stored.

 

The problem with using IPN is that it is not real time and since he was worried about a user going back to the site before he closed his browser I recommended PDT. I've had IPN take hours to complete, though it usually completes in minutes.

 

The problem with PDT is that if it fails it does not retry. If you have time to program the best way is to use both (which Paypal allows). Have PDT take your action immediately and have an IPN listener to catch any transaction where PDT fails. Of course, you don't want to have the application do something twice so you may need logic to make sure that you are not doing something like adjusting inventory twice (once for IPN and once for PDT).



#9 vinny42

vinny42

    Advanced Member

  • Members
  • PipPipPip
  • 414 posts

Posted 19 October 2013 - 12:34 PM


The problem with using IPN is that it is not real time and since he was worried about a user going back to the site before he closed his browser I recommended PDT.

 

Most payment provides provide both methods; when a payment is completed a message is sent to the merchant and the  merchant can poll the paymentprovider to ask for the status of a payment. You should always implement both, because the call from the paymentprovider may get lost and it can take a few minutes for the payment to complete. (hours, even days for some creditcards)

 

But this is separate from the OP's problem, which is that he want's to keep the shoppingcart in tact for one more page after placing the order. What he should do of course is move the items from the cart to the order and display the summary of the *order*, not of the cart+address.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com