Jump to content

Sessions and hidden inputs

mister_littlejeans

By mister_littlejeans
in PHP Coding Help

 Share

Recommended Posts

mister_littlejeans Newbie

mister_littlejeans

Posted
Posted

Hi all,

 

I have a site where users can register and then access a protected page by signing in with their account username and password. On this "account-protected" page, the user can submit a form with various inputs. The page currently works perfectly, but I'd also like to pass values such as the user's username and email address into the database where they submit values so that I know who submitted what.

 

I assumed using a session and passing the values via hidden inputs would be the best way to do this, but I don't know where to begin. Any ideas on a script that could do this? I have an index.php file with the HTML form and an upload.php file that handles most of the processing. I assume some tweaks would need to be made to both but will wait for your suggestions before posting the code, since you helpful folks may not even need it :)

 

Thanks so much in advance,

mister_littlejeans

Link to comment
https://forums.phpfreaks.com/topic/116600-sessions-and-hidden-inputs/
Share on other sites
Sephirangel Newbie

Sephirangel

Posted
Posted

Hello mister_littlejeans,

 

are you storing information about the user submissions in a seperate table? if so all youll need to so is create another field in your table for the username and (if your holding the username in the $_SESSION array, pass the username as an arugment in the INSERT query).

 

Hope that helps!

.josh Advanced Member

.josh

Posted
Posted

sessions and passing values through hidden fields are both a form of data persistence but they are two different things.  I would not suggest using hidden fields at all, as it is not in any way secure.  A session var is used like this:

 

page1.php

<?php
  // need this to tell php that you have a session
  session_start();

  // session variable
  $_SESSION['username'] = "mister_littlejeans";

  // example to go to next page. can use a header or a form target instead
  echo "<a href = 'page2.php'>page2</a>";
?>

 

page2.php

<?php
  // yes, you need this on every page you wish to use session vars on
  session_start();

  // example use: echo out var
  echo $_SESSION['username'];
?>

 

JonnoTheDev Regular Member

JonnoTheDev

Posted
Posted

Sephirangel is correct. I think you may need to do a little reading on sessions. If a session is set after a user logs in successfully and the value of the session variable contains their user ID that comes from a users database table so:

// login successful
$_SESSION['user'] = $userId;

 

the session will remain active until it is destroyed by using unset($_SESSION) - this may be in a logout script, or the closing of the web browser, or a period of inactivity by the user. So when your database queries insert the records into various tables you can add a userId field to those tables and in your queries:

// part of mysql query
INSERT INTO tableName SET userId='".$_SESSION['user']."', field1=''

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.