Jump to content

Recommended Posts

Some code from my pages ,

 

Page1 ( Redirecting page )

<html>
<title>login_redirect.</title>
body>

<form name="redirect" action="http://mysite/page2.php" method="post">
<input type="hidden" name="mac" value="$(mac)">
</form>

<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script>
</body>
</html>

Page 2 ( select product )

<?php


session_start();

ini_set('display_errors',1);
error_reporting(E_ALL); 

include '../lib/config.php';
include '../lib/opendb.php';

// get user mac adres from redirect post page1
$_SESSION['macid'] = $_POST['mac'];
// set $macid for other use ( maybe not needed, am learning )
$macid = $_SESSION['macid'];

// echo $macid does show mac adress, so variable is not empty here


if (!empty($_POST["submit"]))

{
$product_choice = $_POST['accounttype'];
$query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'";
$result = mysql_query($query) or die('Query failed. ' . mysql_error()); 
while($row = mysql_fetch_array($result))
{
$_SESSION['AccountIndex'] = $row['AccountIndex'];
$_SESSION['AccountCost'] = $row['AccountCost'];
$_SESSION['AccountName'] = $row['AccountName'];
}


header('Location: page3.php');

}

// did leave out the other/html/form stuff here

Page 3 ( show Session variables )

<?php


ini_set('display_errors',1);
error_reporting(E_ALL); 

session_start();

print_r($_SESSION);

?>

Now, on page 3 i do see the right session varables, only the "macid" is empty.

 

why ?

 

 

What is this?

value="$(mac)"

 

No idea why you are doing js redirects and all those pages

 

Make a file called process.php or something and do all the php logic in there with header redirects

 

Separate logic from html

 

Don't just assign a variable to a request

Check if it exists and make sure is not empty

if(isset($_POST['mac']) && trim($_POST['mac']) != ''){
$_SESSION['macid'] = trim($_POST['mac']);
}

mysql_* functions are deprecated, suggest using PDO or mysqli_* functions

 

You need to filter/sanitize or escape anything that gets inserted to your database

filter

checking ctype data

If you use PDO it can escape when using prepared statements.

Using mysqli_ is mysqli_real_escape_string()

you were also missing a < in <body>

 

Try this...I even tested it.

<!DOCTYPE html>
<html>
<title>login_redirect.</title>
<head>
<script type="text/javascript" language="javascript">
function redirectForm() {
    document.getElementById("form-redirect").submit();
}
</script>
</head>
<body onLoad="redirectForm();">
<form id="form-redirect" action="http://mysite.com/page2.php" method="post">
<input type="hidden" name="mac" value="13565126262" />
</form>
</body>
</html>

as a self test use this

<?php
if(isset($_POST['mac'])){
    echo $_POST['mac'];
    die();
}
?>
<!DOCTYPE html>
<html>
<title>login_redirect.</title>
<head>
<script type="text/javascript" language="javascript">
function redirectForm() {
    document.getElementById("form-redirect").submit();
}
</script>
</head>
<body onLoad="redirectForm();">
<form id="form-redirect" action="" method="post">
<input type="hidden" name="mac" value="13565126262" />
</form>
</body>
</html>
Edited by QuickOldCar

Thanks ! , i'm building and learning at the same time.

 

i did leave out as much as possible code to keep the starter question simple.

 

meanwhile i found also some other thread about it and pointing me in the good direction i think.

http://stackoverflow.com/questions/3935359/php-session-variables-lost-on-header-redirect-using-php-self-in-the-form-action

 

enough for me to work with for now.

Looks like its solved ! , thanks QuickOldCar. you pointed out some good points ;D

+ with the thread i found i did build page2 with;  include("page3.php") and now i can see the session[macid] is still there.

 

now i can clean up and focus on get the mysql/filter code up to date.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.