Jump to content

Session variable page 2 (mac-adres from $POST page 1) lost on page 3

HenkHouderij

By HenkHouderij
in PHP Coding Help

Recommended Posts

HenkHouderij Newbie

HenkHouderij

Posted
Posted

Some code from my pages ,

 

Page1 ( Redirecting page )

<html>
<title>login_redirect.</title>
body>

<form name="redirect" action="http://mysite/page2.php" method="post">
<input type="hidden" name="mac" value="$(mac)">
</form>

<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script>
</body>
</html>

Page 2 ( select product )

<?php


session_start();

ini_set('display_errors',1);
error_reporting(E_ALL); 

include '../lib/config.php';
include '../lib/opendb.php';

// get user mac adres from redirect post page1
$_SESSION['macid'] = $_POST['mac'];
// set $macid for other use ( maybe not needed, am learning )
$macid = $_SESSION['macid'];

// echo $macid does show mac adress, so variable is not empty here


if (!empty($_POST["submit"]))

{
$product_choice = $_POST['accounttype'];
$query= "SELECT AccountIndex, AccountCost, AccountName FROM AccountTypes WHERE AccountIndex='$product_choice'";
$result = mysql_query($query) or die('Query failed. ' . mysql_error()); 
while($row = mysql_fetch_array($result))
{
$_SESSION['AccountIndex'] = $row['AccountIndex'];
$_SESSION['AccountCost'] = $row['AccountCost'];
$_SESSION['AccountName'] = $row['AccountName'];
}


header('Location: page3.php');

}

// did leave out the other/html/form stuff here

Page 3 ( show Session variables )

<?php


ini_set('display_errors',1);
error_reporting(E_ALL); 

session_start();

print_r($_SESSION);

?>

Now, on page 3 i do see the right session varables, only the "macid" is empty.

 

why ?

 

 

QuickOldCar Regular Member

QuickOldCar

Posted
Posted

What is this?

value="$(mac)"

 

No idea why you are doing js redirects and all those pages

 

Make a file called process.php or something and do all the php logic in there with header redirects

 

Separate logic from html

 

Don't just assign a variable to a request

Check if it exists and make sure is not empty

if(isset($_POST['mac']) && trim($_POST['mac']) != ''){
$_SESSION['macid'] = trim($_POST['mac']);
}

mysql_* functions are deprecated, suggest using PDO or mysqli_* functions

 

You need to filter/sanitize or escape anything that gets inserted to your database

filter

checking ctype data

If you use PDO it can escape when using prepared statements.

Using mysqli_ is mysqli_real_escape_string()

QuickOldCar Regular Member

QuickOldCar

Posted
Posted

you were also missing a < in <body>

 

Try this...I even tested it.

<!DOCTYPE html>
<html>
<title>login_redirect.</title>
<head>
<script type="text/javascript" language="javascript">
function redirectForm() {
    document.getElementById("form-redirect").submit();
}
</script>
</head>
<body onLoad="redirectForm();">
<form id="form-redirect" action="http://mysite.com/page2.php" method="post">
<input type="hidden" name="mac" value="13565126262" />
</form>
</body>
</html>

as a self test use this

<?php
if(isset($_POST['mac'])){
    echo $_POST['mac'];
    die();
}
?>
<!DOCTYPE html>
<html>
<title>login_redirect.</title>
<head>
<script type="text/javascript" language="javascript">
function redirectForm() {
    document.getElementById("form-redirect").submit();
}
</script>
</head>
<body onLoad="redirectForm();">
<form id="form-redirect" action="" method="post">
<input type="hidden" name="mac" value="13565126262" />
</form>
</body>
</html>
HenkHouderij Newbie

HenkHouderij

Posted
  • Author
Posted

Thanks ! , i'm building and learning at the same time.

 

i did leave out as much as possible code to keep the starter question simple.

 

meanwhile i found also some other thread about it and pointing me in the good direction i think.

http://stackoverflow.com/questions/3935359/php-session-variables-lost-on-header-redirect-using-php-self-in-the-form-action

 

enough for me to work with for now.

HenkHouderij Newbie

HenkHouderij

Posted
  • Author
Posted

Looks like its solved ! , thanks QuickOldCar. you pointed out some good points ;D

+ with the thread i found i did build page2 with;  include("page3.php") and now i can see the session[macid] is still there.

 

now i can clean up and focus on get the mysql/filter code up to date.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.