Jump to content

Archived

This topic is now archived and is closed to further replies.

Branden Wagner

sessions? or....

Recommended Posts

I am creating a customer management system for my company.
and  right now after searching for the customer the customerid (cid) is passed in the url..
and then from there i just use $_GET['cid'] for each page that needs to pull the record.

is there a better way to do this? should i be storing it in a session, right now all i am storing in a sessions is the user (who is logged on and making changes) information suchas username,access level,department,...

should i be storing the requested customer account into a session to? right now i just keep the id in the url, and then every page does a new query select {whatever is needed } from {whatever was requested where id = $_GET['cid'];

make sense? any help is greatly appreciated

Share this post


Link to post
Share on other sites
If you could post the login script this would be a lot easier to reply to.  Also is there anything that keeps anyone from changing the cid in their address bar?

Share this post


Link to post
Share on other sites
well this is customer administration so only employees will be seeing it, so it doesnt matter if they change the cid up top or not, it will just  pull the corresponding customer record.

login script just pulls EMPLOYEE information on login not customer
employee info like:
select id,fname,lname,department,accesslevel from employees where username = $username;

login script really has nothing to do with the customer records...

basically i want to know how i should be pulling/storing the customer record in a session or just via the url? which is better?
as both will work, but as far as being efficient which is better?

basically we do tech support and every call is logged and the reason for the call is logged, as well as their account information, and billing.

Share this post


Link to post
Share on other sites
Oh.  Sorry misunderstood your initial post :D.  I dont think it really matters whether you use a URL or sessions since its not accessed by the public...

Share this post


Link to post
Share on other sites
It sounds like either way wouldn't really make much of a difference.  I mean, I would always recommend sessions over passing in the URL, if not for security then for good coding practice.  If you're really not concerned about anyone obtaining sensitive data then do whichever you feel better about.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.