Enter a session to start a form from an email link URL

[hugeness]

Hello

 

I have set-up a very long form for someone, but they want it filled in by sending a link to their friends, who then click on the link, going straight to the form, avoiding the login page.. all pages have session_start() was wondering if its possible to send a url to get them through the session protection?

I suppose its like when a person forgets their password and a special link gets sent out, but not sure how this is done.. is this straightforward?

 

thanks!

[p2grace]

One such method would be to send it to a link that is not protected by the session security, but that link creates the session variables, and then redirects to the form that is secured by the session.

 

The other method would be to adjust your security that checks for sessions and creates an exception.  Although I would suggest the first route.

[ignace]

The best route would be to not use session's at all and more importantingly not allow impersonation. Instead use a db table in which you store the values for the form:

 

friends_forms (id, uniqid, data)

 

Then using PHP:

 

if (submit) {
    $hash = sha1(uniqid());
    $data = serialize($_POST);
    $sql = "INSERT INTO friends_forms (uniqid, data) VALUES ('$hash', '$data')";
    // send an e-mail to the user containing form.php?unique=$hash
    // when the friend clicks the link, load the data using hash from friends_forms and fill the form (don't forget to unserialize())
}