Jump to content

cookies


New Coder

Recommended Posts

Hello all,

 

I hope someone can shed some light/point me in the right direction.

 

I have a site that allows you to search for a customer then view and change their detail.

 

page 1 has a search box for name entry.

page 2 displays all the matches retrieved from a db table that match. The user selects which customer is the correct 1 and sets a cookie containing the selected customers unique id.

page 3 allows changing of the customers details.

 

now the problem I have:

If a user navigates to page 3 and has a customers details on page for viewing all is well.

If they open a new tab (leaving page 3 open on first tab) and go to page 1, search for another customer, page 2 select another customer (which overwrites cookie) then to page 3. They now have two tabs open on page 3 both displaying different customer details.

If they return to the first tab and change some detail, when they save it actually updates the users details that corrispond to the second tab. I know this is because the cookie has been changed that holds the unique id that is required for the update query.

 

How can I prevent this?

I've looked at sessions but it would seem the same issue would excist. Am I wrong?

 

Many Thanks

 

I hope I made sense.

Link to comment
Share on other sites

same issue exists IF you use COOKIES to handle PHPSESSID, but if you append the PHPSESSID to the url, than you can basically have multiple sessions per user..

 

but asside from the above, which would be easier, if you want to limit 1 session per user, and just thread the session out to accommodate multiple tabs you could use the same logic as the first thing I mentioned..

With minor differences..

When a user goes to step1, set a variable in 2 places... E.G.

 

<?php
  session_start();
  $a = rand(1,1000);
  for ($i = rand(1,10); $i < rand(11,20); $i++) $a += rand(1,rand(35,1000)); // KINDA ensures a random number
  $ref &= $_SESSION['tabs'][$a];
  $ref = array(); // use $ref for the rest of STEP 1
?> 

 

^^ in the form of step 1, 2 AND 3.. include a hidden input like so:

<input type="hidden" name="tab" value="<?php echo $a; ?>" />

 

and then in STEP 2 get the current $ref for the current tab by doing this:

 

<?php
session_start();
$ref = $_SESSION['tabs'][$_REQUEST['tab']];
?>

 

the only downside to method #2 is if a user hits the backbutton all the way to step 1, a new tab id will be generated, and then the session file could get huge if that guy likes to refresh on step 1 aswell.. a whole lot :P

 

so theres drawbacks to both, you can decide which one you like better

Link to comment
Share on other sites

I kinda see where you are going but I'm getting error:

PHP Notice: Undefined variable: ref in C:\inetpub\wwwroot\test.php on line 5

on page 1

 

this is how page 1 looks at the moment:

<?php
session_start();  
$a = rand(1,1000);  
for ($i = rand(1,10); $i < rand(11,20); $i++) $a += rand(1,rand(35,1000)); // KINDA ensures a random number  
$ref &= $_SESSION['tabs'][$a];  
$ref = array(); // use $ref for the rest of STEP 1

$list = "<table>";
$list .= "<tr>";
$list .= "<th colspan=\"4\">Search for a Customer</th>";
$list .= "</tr>";
$list .= "<tr>";
$list .= "<td></td><form action=\"test2.php\" method=\"post\">";
$list .= "<td>Forename (Leave blank for all)</td>";
$list .= "<td>Surname (Leave blank for all)</td>";
$list .= "<td></td>";
$list .= "</tr>";
$list .= "<tr>";
$list .= "<td>Name Search</td><form action=\"search_name.php\" method=\"post\">";
$list .= "<td><input type=\"text\" name=\"forename\" size=\"25\"></td>";
$list .= "<td><input type=\"text\" name=\"surname\" size=\"25\"><input type=\"text\" name=\"tab\" value=\"$a\"></td>";
$list .= "<td class=submit><input type=\"submit\" class=\"submit\" value=\"Search\"></form></td>";
$list .= "</tr>";
$list .= "</table>";
echo $list
?>

Link to comment
Share on other sites

I kinda see where you are going but I'm getting error:

PHP Notice: Undefined variable: ref in C:\inetpub\wwwroot\test.php on line 5

on page 1

 

this is how page 1 looks at the moment:

<?php
session_start();  
$a = rand(1,1000);  
for ($i = rand(1,10); $i < rand(11,20); $i++) $a += rand(1,rand(35,1000)); // KINDA ensures a random number  
$ref &= $_SESSION['tabs'][$a];  
$ref = array(); // use $ref for the rest of STEP 1

$list = "<table>";
$list .= "<tr>";
$list .= "<th colspan=\"4\">Search for a Customer</th>";
$list .= "</tr>";
$list .= "<tr>";
$list .= "<td></td><form action=\"test2.php\" method=\"post\">";
$list .= "<td>Forename (Leave blank for all)</td>";
$list .= "<td>Surname (Leave blank for all)</td>";
$list .= "<td></td>";
$list .= "</tr>";
$list .= "<tr>";
$list .= "<td>Name Search</td><form action=\"search_name.php\" method=\"post\">";
$list .= "<td><input type=\"text\" name=\"forename\" size=\"25\"></td>";
$list .= "<td><input type=\"text\" name=\"surname\" size=\"25\"><input type=\"text\" name=\"tab\" value=\"$a\"></td>";
$list .= "<td class=submit><input type=\"submit\" class=\"submit\" value=\"Search\"></form></td>";
$list .= "</tr>";
$list .= "</table>";
echo $list
?>

 

I'm sorry, where it says &=, change that to =&

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.