Netcasters

I have fixed my problem. I placed the following code in my index.php file: if (!isset ($_SESSION['uccverified'])) { $_SESSION['uccverified'] = 0; } $uccverified = $_SESSION['uccverified']; switch( $uccverified ) { case "0": if ( $_REQUEST['formid'] == 2 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 3 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } break; case "1": if ( $_REQUEST['formid'] == 1 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 3 && $_REQUEST['form2complete'] !== 1 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } break; } Then once the second form is completed, the link to the third location includes in the url form2complete=1. Therefore you can't view the third form without submitting the information on the second form, and you can't view the second form without verifying the first. Thanks for all your help! I'm a little less green now.

Well, I moved the code I just wrote from a file in the component to my index.php file and it seems to work. It's not perfect as it sets the uccverified bit to 2 before the submit button is pressed.

blank page now. I've tried to redesign the code using switch(), but I'm still coming up with the same issue, which is becoming totally disheartening. Here's my new code: if (!isset ($_SESSION['uccverified'])) { $_SESSION['uccverified'] = 0; } $uccverified = $_SESSION['uccverified']; switch( $uccverified ) { case "0": if ( $_REQUEST['formid'] != 1 ) { header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 2 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 3 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } break; case "1": if ( $_REQUEST['formid'] == 1 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 3 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 2 ) { $_SESSION['uccverified'] = 2; } break; case "2": if ( $_REQUEST['formid'] == 1 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 2 ) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1&Itemid=33" ); exit; } elseif ( $_REQUEST['formid'] == 3 ) { $_SESSION['uccverified'] = 0; } break; } Have I missed something? I put in a print_r ($_SESSION['uccverified']; and I get the right printout, except when I browse directly to formid=3, then the value is getting unset, because nothing shows up. I can't find anywhere that I'm unsetting it.

This code creates a continuous loop directing the browser to formid=1. Hence: Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

The problem is, because this is a component for Joomla, each form is built dynamically from a database. Each form runs through all the same files, which is why I needed to do a check on a single file for each form. Your way is much easier, but I don't see how it could be compatible with a component for a CMS.

Here is the first checkpoint. When they input the UCC code, it must match one of 8 numbers. This is probably crude, but it works: function isUCC( $strInput ) { if ($strInput == '20046501023227' or $strInput == '10046501023220' or $strInput == '20046501025474' or $strInput == '10046501025477' or $strInput == '20046501025481' or $strInput == '10046501025484' or $strInput == '20046501025726' or $strInput == '10046501025729') { $_SESSION['uccverified'] = '1'; return true; } else { return false; } } This is only run in the form is looking for a validation. My second forms are not looking for validation, so this is only run once in the entire process. The information is then returned to the phpForm file where my code is listed. Here is the newest version of code: if ( $_REQUEST['formid'] == 2 && $_SESSION['uccverified'] !== 1) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1"); exit; } elseif ( $_REQUEST['formid'] == 2 && $_SESSION['uccverified'] == 1) { $_SESSION['uccverified'] = '2'; } elseif ( $_REQUEST['formid'] == 3 && $_SESSION['uccverified'] !== 2) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1"); exit; } elseif ( $_REQUEST['formid'] == 3 && $_SESSION['uccverified'] == 2) { unset ($_SESSION['uccverified']); } My theory behind the uccverified is to just make it a check point for a value to allow the script to run. If it is equal to a specific value, it means that the previous checkpoint has been met and the user may go on. If the value was not set it means that the user was most likely trying to bypass steps and will therefore be sent back to the beginning. Does that make sense?

I've got the session_start() called up at the beginning of the files, which is why the check worked on the first 2 forms. The only problem I'm having is that the system is not stopping someone from direct-browsing to formid=3. That's the only part that's not working and if I had hair I'd have torn it out already because I simply can't figure out why. The code seems like it should work, logically. But like I said, I'm very green at PHP code.

I've made both of those changes listed. The uccverified now gets set correctly, but I am still able to simply input formid=3 in my url and it takes me to form 3 rather than redirecting me to form 1. I really appreciate both of your lightning fast responses.

I’m working on a Joomla component (don’t let that scare you) for forms. I’m trying to limit access to specific forms until the previous ones have been completed. I started by using a $_SESSION variable set at a specific point that each user must pass to go on. That worked marvelously. I’m trying to add a second step and the page is not being stopped. Here is my code as is (I’m very green at writing PHP, please be nice). if ( $_REQUEST['formid'] == 2 and $_SESSION['uccverified'] != 1) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1"); exit; } elseif ( $_REQUEST['formid'] == 2 and $_SESSION['uccverified'] = 1) { $_SESSION['uccverified'] = '2'; } elseif ( $_REQUEST['formid'] == 3 and $_SESSION['uccverified'] != 2) { $_SESSION['uccverified'] = 0; header ("Location: http://www.floracraft.com/index.php?option=com_performs&formid=1"); exit; } elseif ( $_REQUEST['formid'] == 3 and $_SESSION['uccverified'] = 2) { unset ($_SESSION['uccverified']); } The first checkpoint works. If you try to access formid=2 and you have not passed the checkpoint where the $_SESSION variable is set, you get automatically sent back to formid=1. If I try to browse to formid=3, however, I am not reverted back to formid=1. My deadline on this is about an hour. This was a last minute change for security measures and I need to get this going. Please help!