HenkHouderij Posted October 29, 2014 Share Posted October 29, 2014 Some code from my pages , Page1 ( Redirecting page ) <html> <title>login_redirect.</title> body> <form name="redirect" action="http://mysite/page2.php" method="post"> <input type="hidden" name="mac" value="$(mac)"> </form> <script language="JavaScript"> <!-- document.redirect.submit(); //--> </script> </body> </html> Page 2 ( select product ) <?php session_start(); ini_set('display_errors',1); error_reporting(E_ALL); include '../lib/config.php'; include '../lib/opendb.php'; // get user mac adres from redirect post page1 $_SESSION['macid'] = $_POST['mac']; // set $macid for other use ( maybe not needed, am learning ) $macid = $_SESSION['macid']; // echo $macid does show mac adress, so variable is not empty here if (!empty($_POST["submit"])) { $product_choice = $_POST['accounttype']; $query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'"; $result = mysql_query($query) or die('Query failed. ' . mysql_error()); while($row = mysql_fetch_array($result)) { $_SESSION['AccountIndex'] = $row['AccountIndex']; $_SESSION['AccountCost'] = $row['AccountCost']; $_SESSION['AccountName'] = $row['AccountName']; } header('Location: page3.php'); } // did leave out the other/html/form stuff here Page 3 ( show Session variables ) <?php ini_set('display_errors',1); error_reporting(E_ALL); session_start(); print_r($_SESSION); ?> Now, on page 3 i do see the right session varables, only the "macid" is empty. why ? Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 29, 2014 Share Posted October 29, 2014 What is this? value="$(mac)" No idea why you are doing js redirects and all those pages Make a file called process.php or something and do all the php logic in there with header redirects Separate logic from html Don't just assign a variable to a request Check if it exists and make sure is not empty if(isset($_POST['mac']) && trim($_POST['mac']) != ''){ $_SESSION['macid'] = trim($_POST['mac']); } mysql_* functions are deprecated, suggest using PDO or mysqli_* functions You need to filter/sanitize or escape anything that gets inserted to your database filter checking ctype data If you use PDO it can escape when using prepared statements. Using mysqli_ is mysqli_real_escape_string() Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 29, 2014 Share Posted October 29, 2014 Additionally... use exit(); or die(); directly after header redirects to stop the rest of code from continuing header('Location: page3.php'); exit(); Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 29, 2014 Share Posted October 29, 2014 (edited) you were also missing a < in <body> Try this...I even tested it. <!DOCTYPE html> <html> <title>login_redirect.</title> <head> <script type="text/javascript" language="javascript"> function redirectForm() { document.getElementById("form-redirect").submit(); } </script> </head> <body onLoad="redirectForm();"> <form id="form-redirect" action="http://mysite.com/page2.php" method="post"> <input type="hidden" name="mac" value="13565126262" /> </form> </body> </html> as a self test use this <?php if(isset($_POST['mac'])){ echo $_POST['mac']; die(); } ?> <!DOCTYPE html> <html> <title>login_redirect.</title> <head> <script type="text/javascript" language="javascript"> function redirectForm() { document.getElementById("form-redirect").submit(); } </script> </head> <body onLoad="redirectForm();"> <form id="form-redirect" action="" method="post"> <input type="hidden" name="mac" value="13565126262" /> </form> </body> </html> Edited October 29, 2014 by QuickOldCar Quote Link to comment Share on other sites More sharing options...
HenkHouderij Posted October 29, 2014 Author Share Posted October 29, 2014 Thanks ! , i'm building and learning at the same time. i did leave out as much as possible code to keep the starter question simple. meanwhile i found also some other thread about it and pointing me in the good direction i think. http://stackoverflow.com/questions/3935359/php-session-variables-lost-on-header-redirect-using-php-self-in-the-form-action enough for me to work with for now. Quote Link to comment Share on other sites More sharing options...
HenkHouderij Posted October 29, 2014 Author Share Posted October 29, 2014 Looks like its solved ! , thanks QuickOldCar. you pointed out some good points + with the thread i found i did build page2 with; include("page3.php") and now i can see the session[macid] is still there. now i can clean up and focus on get the mysql/filter code up to date. Quote Link to comment Share on other sites More sharing options...
HenkHouderij Posted October 29, 2014 Author Share Posted October 29, 2014 dont see how to close the Topic as solved ? Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted October 29, 2014 Share Posted October 29, 2014 lower right side all comments "Mark as solved" Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.