Jump to content


Photo

Retain Values From Session


  • Please log in to reply
4 replies to this topic

#1 tarafenton

tarafenton
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 12 October 2006 - 02:52 PM

Hello,
I am trying to use sessions to retain the value of the text fields in a form, if the user does not complete the form, the users is redirected to the form, BUT the form fields are refreshed.  I want what ever the user filled into the form to appear when the user is redirected to the form.  PLEASE help with any suggestions.
TIA,
Tara

Here is my code-------------
index2.php
<?php
  session_start();

$_SESSION['fname'] = $_REQUEST['fname'];
$_SESSION['lname'] = $_REQUEST['lname'];
$_SESSION['sname'] = $_REQUEST['sname'];
$_SESSION['grade'] = $_REQUEST['grade'];
$_SESSION['address'] = $_REQUEST['address'];
$_SESSION['city'] = $_REQUEST['city'];
$_SESSION['state'] = $_REQUEST['state'];
$_SESSION['zip'] = $_REQUEST['zip'];
$_SESSION['email'] = $_REQUEST['email'];
  if (!isset($_SESSION['msg']))
    $_SESSION['msg']="* All fields are required fields";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR...ml4/loose.dtd">
<html>
<head>
<title> Halloween Smiles Program</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles.css" rel="stylesheet" type="text/css">
</head>

<body topmargin="0px"><table align="center"><tr><td class="form">

<form action="send_form.php" method="post">
<table>
<tr><td colspan="2"><img src="title.jpg"></td></tr>
<tr><td colspan="2" align="left" class="text"><?php print $_SESSION['msg'] ?></td></tr>
<tr><td class="title">First Name: </td><td><input size="30" name="fname" type="text" value="<?php print $_SESSION['fname'] ?>"></td></tr>
<tr><td class="title">Last Name: </td><td><input size="30" name="lname" type="text" value="<?php print $_SESSION['lname'] ?>"></td></tr>
<tr><td class="title">School Name: </td><td><input size="30" name="sname" type="text" value="<?php print $_SESSION['sname'] ?>"></td></tr>
<tr><td class="title">Grade: </td><td><input size="30" name="grade" type="text" value="<?php print $_SESSION['grade'] ?>"></td></tr>

<tr><td  colspan="2" align="left" class="text"><br>Please provide the mailing address you would like your wall poster <br>
and memory album shipped to:<br></td>
</tr>

<tr><td class="title">Street Address: </td><td><input size="30" name="address" type="text" value="<?php $_SESSION['address'] ?>"></td></tr>
<tr><td class="title">City: </td><td><input size="30" name="city" type="text" value="<?php $_SESSION['city'] ?>"></td></tr>
<tr><td class="title">State: </td><td><input size="30" name="state" type="text" value="<?php $_SESSION['state'] ?>"></td></tr>
<tr><td class="title">Zip: </td><td><input size="30" name="zip" type="text" value="<?php $_SESSION['zip'] ?>"></td></tr>
<tr><td class="title">Email address: </td><td><input size="30" name="email" type="text" value="<?php $_SESSION['email'] ?>"></td></tr>
<tr><td  colspan="2" align="left" class="text"><br>Would you like to receive future emails from bsmmedia.com on <br>special offers?
<input type="radio" name="future" value="Yes"> Yes <input type="radio" name="future" value="No"> No
<br></td>
</tr>




<tr><td colspan="2" align="center"><input type="submit" value="Submit" class="submit"></td></tr>


</table>

</form>

</td><td valign="top"><img src="pumpkin2.jpg"></td></tr></table>

</body>
</html>

---------------------------------------------------
send_form.php
---------------------------------------------------
<?php
session_start();
$_SESSION['fname'] = $_REQUEST['fname'];
$_SESSION['lname'] = $_REQUEST['lname'];
$_SESSION['sname'] = $_REQUEST['sname'];
$_SESSION['grade'] = $_REQUEST['grade'];
$_SESSION['address'] = $_REQUEST['address'];
$_SESSION['city'] = $_REQUEST['city'];
$_SESSION['state'] = $_REQUEST['state'];
$_SESSION['zip'] = $_REQUEST['zip'];
$_SESSION['email'] = $_REQUEST['email'];


$dbhost="localhost" ; // Machine on which MySQL Database is running
$dbuser="bsm_halloween" ;            // Database User Login
$dbpass="H@P1lw3" ;            // Database User Password
$database = "bsmmedia" ;      // Database name
$tableName = "halloween" ;  // Name of the table



  $dblink = mysql_connect($dbhost, $dbuser, $dbpass);

  mysql_select_db($database, $dblink);

if ((strlen($_REQUEST['fname'])<1) || (strlen($_REQUEST['lname'])<1) || (strlen($_REQUEST['sname'])<1) || (strlen($_REQUEST['grade'])<1) || (strlen($_REQUEST['address'])<1) || (strlen($_REQUEST['city'])<1) || (strlen($_REQUEST['state'])<1) || (strlen($_REQUEST['zip'])<1) || (strlen($_REQUEST['email'])<1))
  {
  $_SESSION['msg'] = "Please be sure to fill out all required fields.";
  $_SESSION['fname'] = $_REQUEST['fname'];
print $_SESSION['lname'] = $_REQUEST['lname'];
$_SESSION['lname'] = $_REQUEST['lname'];
$_SESSION['sname'] = $_REQUEST['sname'];
$_SESSION['grade'] = $_REQUEST['grade'];
$_SESSION['address'] = $_REQUEST['address'];
$_SESSION['city'] = $_REQUEST['city'];
$_SESSION['state'] = $_REQUEST['state'];
$_SESSION['zip'] = $_REQUEST['zip'];
$_SESSION['email'] = $_REQUEST['email'];

// Dynamically Assign Key & Value to each Post
foreach($_POST as $key=>$value){
    $_SESSION[$key]=$value;
}
?>



header( 'Location: http://www.bsmmedia....hers/index2.php' ) ;
  } else {


mysql_query("INSERT INTO halloween (first_name, last_name, school_name, grade, address, city, state, zip, email, future_contact) VALUES ('$_REQUEST[fname]', '$_REQUEST[lname]','$_REQUEST[sname]', '$_REQUEST[grade]','$_REQUEST[address]', '$_REQUEST[city]','$_REQUEST[state]', '$_REQUEST[zip]', '$_REQUEST[email]', '$_REQUEST[future]')");

mysql_close($dblink);

header( 'Location: http://www.bsmmedia....ers/thanks.html' ) ;
}
?>

#2 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 12 October 2006 - 02:54 PM

What is the problem?

#3 tarafenton

tarafenton
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 12 October 2006 - 02:57 PM

the text fields are empty when the user fills out the form incompletely, even though i have the sessions set up

#4 tarafenton

tarafenton
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 12 October 2006 - 03:25 PM

I got it
It was that I had
$_SESSION['fname'] = $_REQUEST['fname'];
$_SESSION['lname'] = $_REQUEST['lname'];
$_SESSION['sname'] = $_REQUEST['sname'];
$_SESSION['grade'] = $_REQUEST['grade'];
$_SESSION['address'] = $_REQUEST['address'];
$_SESSION['city'] = $_REQUEST['city'];
$_SESSION['state'] = $_REQUEST['state'];
$_SESSION['zip'] = $_REQUEST['zip'];
$_SESSION['email'] = $_REQUEST['email'];
in index.php that was refreshing the values

#5 KevinM1

KevinM1
  • Moderators
  • Snarkimus Prime
  • 5,248 posts

Posted 12 October 2006 - 03:44 PM

I see you figured it out, but since I wrote this huge reply, I figured I'd post it anyway.  At the very least, it may give you some new ideas with form handling. :)

First, you should never hard-code your database login routine in a script.  It should be kept in its own, separate file (preferably outside of your web root), and then included in those scripts that need database access.

Second, since you're trying to make a sticky form, it's far more efficient to make one script with something along the lines of:

<?php

session_start();

foreach ($_POST as $key => $value){
   $_SESSION[$key] = $value;
} //fill the session info with what (if anything) has been posted

if (isset($_POST['submit'])){
   include (../database_connect.php); //your database login routine file that's outside of the web root
   /* handle the form */
   if(/*everything is okay*/){
      header("Location: blah.php"); //redirect the user to a different page if the form has been inputted and processed correctly
      exit();
   }

   else{
      echo "$error_message";
   }
}
?>

   <form action="<?php echo $_SERVER['PHP_SELF']; ?> method="post">
<table> 
<tr><td colspan="2"><img src="title.jpg"></td></tr>
<tr><td colspan="2" align="left" class="text"><?php echo $_POST['msg'] ?></td></tr>
   <tr><td class="title">First Name: </td><td><input size="30" name="fname" type="text" value="<?php echo $_POST['fname'] ?>"></td></tr>
   <tr><td class="title">Last Name: </td><td><input size="30" name="lname" type="text" value="<?php echo $_POST['lname'] ?>"></td></tr>
   <tr><td class="title">School Name: </td><td><input size="30" name="sname" type="text" value="<?php echo $_POST['sname'] ?>"></td></tr>
   <tr><td class="title">Grade: </td><td><input size="30" name="grade" type="text" value="<?php echo $_POST['grade'] ?>"></td></tr>
   
   <tr><td  colspan="2" align="left" class="text">
Please provide the mailing address you would like your wall poster and memory album shipped to:
</td>
   </tr>
   
   <tr><td class="title">Street Address: </td><td><input size="30" name="address" type="text" value="<?php echo $_POST['address'] ?>"></td></tr>
   <tr><td class="title">City: </td><td><input size="30" name="city" type="text" value="<?php echo $_POST['city'] ?>"></td></tr>
   <tr><td class="title">State: </td><td><input size="30" name="state" type="text" value="<?php echo $_POST['state'] ?>"></td></tr>
   <tr><td class="title">Zip: </td><td><input size="30" name="zip" type="text" value="<?php echo $_POST['zip'] ?>"></td></tr>
   <tr><td class="title">Email address: </td><td><input size="30" name="email" type="text" value="<?php echo $_POST['email'] ?>"></td></tr>
<tr><td  colspan="2" align="left" class="text">
Would you like to receive future emails from bsmmedia.com on 
special offers? 
<input type="radio" name="future" value="Yes"> Yes <input type="radio" name="future" value="No"> No

</td>
   </tr>
   <tr><td colspan="2" align="center"><input type="submit" value="Submit" class="submit"></td></tr>
</table>

</form>

This should eliminate the need to have one script that displays the form and one that processes it.

If the user has submitted the form, the script will process it (which is what the isset conditional checks for).

If the form was processed without any errors (in other words, if everything was filled in correctly), the user is redirected to another page (blah.php, in this instance) and the script ends.

If there is some error with the form (not all of the inputs were filled in, bad data, that sort of thing), the script will echo an error message (which should be constructed while you check the inputs for validity and correctness).

If there's an error, or if the form has not been submitted, the form itself will be displayed.

I use the $_POST array in the form as I think it's a bit more secure than the $_SESSION array for this purpose...you probably don't want the form to display all of the user's info if they accidentally return to it while still browsing your site after submission.

You should definitely do more than just check the input's length when handling the form.  A malicious user could do all sorts of things with your form (and, by extension, your database) as it stands now.

Hope this gives you some good ideas. :)
Using 'global' is a sign of doing it wrong




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users