Jump to content


Photo

sessions? or....


  • Please log in to reply
7 replies to this topic

#1 Branden Wagner

Branden Wagner
  • Members
  • PipPipPip
  • Advanced Member
  • 111 posts

Posted 27 July 2006 - 04:00 AM

I am creating a customer management system for my company.
and  right now after searching for the customer the customerid (cid) is passed in the url..
and then from there i just use $_GET['cid'] for each page that needs to pull the record.

is there a better way to do this? should i be storing it in a session, right now all i am storing in a sessions is the user (who is logged on and making changes) information suchas username,access level,department,...

should i be storing the requested customer account into a session to? right now i just keep the id in the url, and then every page does a new query select {whatever is needed } from {whatever was requested where id = $_GET['cid'];

make sense? any help is greatly appreciated

#2 corbin

corbin
  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 27 July 2006 - 04:37 AM

If you could post the login script this would be a lot easier to reply to.  Also is there anything that keeps anyone from changing the cid in their address bar?
Why doesn't anyone ever say hi, hey, or whad up world?

#3 Branden Wagner

Branden Wagner
  • Members
  • PipPipPip
  • Advanced Member
  • 111 posts

Posted 27 July 2006 - 04:41 AM

well this is customer administration so only employees will be seeing it, so it doesnt matter if they change the cid up top or not, it will just  pull the corresponding customer record.

login script just pulls EMPLOYEE information on login not customer
employee info like:
select id,fname,lname,department,accesslevel from employees where username = $username;

login script really has nothing to do with the customer records...

basically i want to know how i should be pulling/storing the customer record in a session or just via the url? which is better?
as both will work, but as far as being efficient which is better?

basically we do tech support and every call is logged and the reason for the call is logged, as well as their account information, and billing.

#4 corbin

corbin
  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 27 July 2006 - 04:52 AM

Oh.  Sorry misunderstood your initial post :D.  I dont think it really matters whether you use a URL or sessions since its not accessed by the public...
Why doesn't anyone ever say hi, hey, or whad up world?

#5 Branden Wagner

Branden Wagner
  • Members
  • PipPipPip
  • Advanced Member
  • 111 posts

Posted 03 August 2006 - 02:28 AM

is one less server intensive?

#6 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 03 August 2006 - 02:30 AM

put it this way, the difference is not noticable
Tell me the problem, I will try tell you the solution

#7 Branden Wagner

Branden Wagner
  • Members
  • PipPipPip
  • Advanced Member
  • 111 posts

Posted 03 August 2006 - 02:34 AM

that works for me. ill just use sessions then cuz i find that to be easier.

#8 nethnet

nethnet
  • Members
  • PipPipPip
  • Advanced Member
  • 284 posts
  • LocationPhiladelphia, PA, USA

Posted 03 August 2006 - 02:34 AM

It sounds like either way wouldn't really make much of a difference.  I mean, I would always recommend sessions over passing in the URL, if not for security then for good coding practice.  If you're really not concerned about anyone obtaining sensitive data then do whichever you feel better about.
"Creativity is allowing yourself to make mistakes. Art is knowing which ones to keep."  --Scott Adams

Current project: nethnet.com




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users