Jump to content

convert GET to POST (and AVOID $_SESSIONS !!! )


Recommended Posts

ALMOST DONE WITH MY WEBSITE!
LAST HURDLE AS FOLLOWS
(then I won't bother you guys no more hehe)

Visitors add SKU numbers to my website in GROUPS AT A TIME to see prices like this
SKU# XYZ = $10.00
Then they add another couple SKUs, like this: SKU# ABC, SKU# PQR........ and then they see this:
SKU# XYZ = $10.00
SKU# ABC = $20.00
SKU# PQR = $5.00
.... and when they're done they put in their name and address and voila! They have a packing slip.

All the data they enter is contained in a PHP $_POST variable using <input type="hidden" name="sku_numbers" value="implode($posted_sku_number__array)"> and then reposted as they keep adding more stuff.

Everything's fine unless midstream if they decide to click a referral link to add a referred sku number (https://myWebsite/link.php?Referer=RefererCompany&SKU=XYZ)

Obviously, if they decide to click the link, it's a $_GET request, and all my $_POST data vanishes. 😡

So I implemented Sessions, and now my website saves $_POST inside of $_SESSION, and then if a GET request is made, $_POST is repopulated from $_SESSION. Like this:
if ($_SERVER['REQUEST_METHOD'] === 'POST') { $_SESSION["post"] = $_POST; }
if(isset($_GET)) {
  if(isset($_SESSION["post"])) {
  $_POST = $_SESSION["post"];
  }
}

My website now works, but I don't like it. I don't like sessions, I don't like 1000 lines of code to make sessions work, and unless I have session_unset() in all the right places, and 1% of the time there's the odd unexpected result.....like if a visitor completes an order with 50 SKUs, then starts over with just 1 sku, the pricing page will still show those last 50 skus because I forgot to unset one of the $_SESSION variables...

QUESTION:
All this get/post/session nonsense could be AVOIDED if that referral link thingy could be turned into a POST request instead of a GET request so I don't lose all my $_POST data.
CAN SUCH A THING BE DONE: TURN A REFERRAL GET LINK INTO A POST AS DESCRIBED ABOVE?

Thank you in advance.


 

 

Link to comment
https://forums.phpfreaks.com/topic/314627-convert-get-to-post-and-avoid-_sessions/
Share on other sites

There's a lot to unpack in your question, so I'll try and address a few things.

Quote

Everything's fine unless midstream if they decide to click a referral link to add a referred sku number (https://myWebsite/link.php?Referer=RefererCompany&SKU=XYZ)

As Barand already suggested, Ajax is the standard solution to this problem.  Another possibility would be to use frames and have the lookup occur in an iframe.  Without seeing your UI It's hard to understand the modality issue or possible solutions to it.

Quote

My website now works, but I don't like it. I don't like sessions, I don't like 1000 lines of code to make sessions work, and unless I have session_unset() in all the right places, and 1% of the time there's the odd unexpected result

This sounds like a "you" problem.  Using sessions does not require 1k lines of code or anything close to it.

If you have structure issues or something that doesn't work correctly, that probably relates to the structure (or lack thereof) in your code.  One other issue that does sometimes crop up with manual regression testing, is that you can get into a situation where you are doing things that a normal user will never do, because you are repeatedly testing things with your browser which engages your local environment, making a session cookie and one or more sessions on the server. 

Unit tests and automated testing tools are valuable in separating things, because they offer a fresh client environment and repeatability.  With unit tests, you avoid environmental issues entirely. 

If you are only able to do manual regression testing at this point, one suggestion I would make is that whenever you are doing testing, engage Incognito mode for that testing session and exit it when you're done.

From a usability point of view sessions offer a feature that you can't get with pure HTTP GET/POST, and that is server side storage of values that is both "secret" and persists as long as you want it to persist. 

If someone accidently closes the browser or tab entirely, everything will be lost, whereas with sessions, they can get back exactly to the place they were.

So beyond the out-of-band issue you currently face, sessions can facilitate many usability features that can only otherwise be handled in any form with some combination of cookies and POST/GET variables.  Of course Sessions do rely upon a session cookie, but that should be, once configured, completely invisible to you, whereas direct cookie handling requires a detailed understanding of HTTP and how/when cookies can be set.

 

 

 

 

 

  • Great Answer 1

I love the idea of Ajax (thank you Barand!). But I should have explained better.
The visitor manually prices their widgets on my website to see my offering prices, like this:
1.) Visitor has a box of 5 widgets sitting on their desk.
2.) Visitor manually types in the SKU numbers from those 5 widgets and clicks "Submit" to see my Offering Prices.
3.) Visitor may enter all 5 SKU numbers at once, click "Submit" and see all 5 prices all at once, or, they can enter and submit them one-at-a-time, until all 5 widgets appear with prices.
4.) NORMALLY, the Visitor would then enter their name and address and click "Complete Order" and then a Packing Slip is generated.

However, before the visitor "completes their order," they might choose to price one of those widgets on one of those 3rd-Party "Best Price" comparison-style websites that are popularly used for pricing widgets.

Those 3rd Party websites have all of us companies listed, with our respective offering prices, and a "Sell Here" button next to each of our company's prices:
<a href="https://myWebsite/link.php?Referer=RefererCompany&SKU=XYZ>Sell Here</a>

When the visitor clicks that "Sell Here" button on that 3rd party website, that causes the Pricing Page described above to reload with the $_GET request, thus causing all the $_POST data from the previously priced 5 widgets to vanish. (Unless I use Sessions)

So although I hope I somehow could use Ajax, I don't see how it would fit in.

I hope there is a way to use Ajax -- I'm all ears on any suggestions on this. (And, of course, any alternatives if Ajax is not possible.)

p.s. @Gizmola.... you said, "This sounds like a "you" problem." haha -- yes, you caught me there -- okay, so maybe not 1000 lines of code, maybe just 15 lines of code.... but I've always aspired to always use really short "one-liner" code.... so to me, 15 lines of $_SESSION code really does feel like 1000 lines 😀 Also, my website is intentionally designed so visitors never have "register" or "log in." Although having required registration/login would programatically solve lots of issues, my customers demand to not have to "log in" (they consider "not having to register" to be a feature).

p.s.3 Oh my goodness... I think this is my longest ever post :-) But I'm thisssss closssseeee [making pinching finger gesture] to being all done 😀😀😀

 

Edited by ChenXiu

Or maybe opening your referral links in a new tab would help ...

<a href="https://myWebsite/link.php?Referer=RefererCompany&SKU=XYZ" target="_blank">Sell Here</a>

... so that the page isn't replaced.

 

As Gizmola stated, we have no idea of your user interface and processes so we can only stumble around in the dark

On 3/25/2022 at 1:48 PM, ChenXiu said:


2.) Visitor manually types in the SKU numbers from those 5 widgets and clicks "Submit" to see my Offering Prices.
3.) Visitor may enter all 5 SKU numbers at once, click "Submit" and see all 5 prices all at once, or, they can enter and submit them one-at-a-time, until all 5 widgets appear with prices.
4.) NORMALLY, the Visitor would then enter their name and address and click "Complete Order" and then a Packing Slip is generated.

However, before the visitor "completes their order," they might choose to price one of those widgets on one of those 3rd-Party "Best Price" comparison-style websites that are popularly used for pricing widgets

 

In most UI's all of this would be done with ajax. 

  • You have your UI visible and user enters an sku  (ajax call runs), no submit necessary.
  • User clicks a delete/remove button for an item, that would also be pure javascript (DOM manipulation)

I would only have a traditional form submit for the finalized/order process.

The more you describe these links the more it sounds like it could be handled purely by javascript.  Write some javascript to handle the onclick for your links so it opens a new tab/window.  You can try to use a "popup" but many people have popup blockers installed.  Another option as I mentioned, would be to use a frameset, and have a hidden iframe that you load those linked sites into and display.  Either way, it shouldn't interfere with the processing of your site.

Last but not least, sessions are just a feature of the php server.  They don't require login (but I have to think you knew that because you were already using them).    If you don't like the idea of a block of 15 lines of code or several blocks, that's not unusual.  Put them into a few functions.  This is really what I meant in regards to structure.  Breaking things down into functional units is the best way to start to eliminate any confusing logic concerns or reliability problems. 

This also makes creating unit tests even more viable.  Writing a couple of unit tests for a couple of functions is not a big investment of time, and would go a long way towards giving you a comfort level in regards to your system.  Even if that's beyond your current level of capability, writing functions surely isn't, and of course makes those functions reusable.

At this point, we would really need to see some code from you to provide much more of value.

9 hours ago, gizmola said:

Write some javascript to handle the onclick for your links so it opens a new tab/window.

I am not the owner of the "links" you want me to onClick.

[Admins: if you want to delete this entire thread, that might be a good idea -- it is obvious I did a terrible job of describing the scenario.]

There are several big-company 3rd party "Top 10 places to Sell Widgets" out there that I have no control over.
Like this big company fictitious website: "Top10widgets.com: GET BEST PRICES FOR YOUR WIDGETS"
Visitor has widget they want to sell. They go to Top10widgets.com and input SKU number "ABCXYZ" onto their page, and sees a list like this:

ChenXiuThisIsMe.com: $6.00 <a href="https://myCompany.com/referal.php?referer=top10widgets&SKU=ABCXYZ">SELL HERE</a>
Somecompany1.com $5.00 <a href="https://myCompany.com/referal.php?referer=top10widgets&SKU=ABCXYZ">SELL HERE</a>
Somecompany2.com $4.00 <a href="https://myCompany.com/referal.php?referer=top10widgets&SKU=ABCXYZ">SELL HERE</a>
Somecompany3.com $3.00 <a href="https://myCompany.com/referal.php?referer=top10widgets&SKU=ABCXYZ">SELL HERE</a>
Somecompany4.com $3.00 <a href="https://myCompany.com/referal.php?referer=top10widgets&SKU=ABCXYZ">SELL HERE</a>


Visitor sees my company at the top of that list, offering the best price, and chooses my company by clicking that "SELL HERE" link.

I have no control over the Top10widgets.com whether they use onclick, target_blank, etc. What they have is what they have. It's a referral link that sends visitor to my website.

If visitor is already on my website with $_POST values of widgets they've already priced, then midstream visitor decides to go to Top10widgets.Com and clicks their "SELL HERE" link to bring them back to my website, all existing $_POST data on my website gets lost because the "SELL HERE" link on Top10widgets.com is a $_GET request.

 

6 hours ago, ChenXiu said:

If visitor is already on my website with $_POST values of widgets they've already priced, then midstream visitor decides to go to Top10widgets.Com and clicks their "SELL HERE" link to bring them back to my website, all existing $_POST data on my website gets lost because the "SELL HERE" link on Top10widgets.com is a $_GET request.

The only way to solve that is with $_SESSION.  Track the user's priced items there so the data is available regardless of how they arrive at your site.

Trying to pass data from page to page via POST is just as disaster prone, if not more so, than working with sessions.  It's also not friendly to multi-tabbed use of your site. For example, open several items in a new tab for comparison then add one of them to the list and close the tab, go to the next tab, add the item.  The one you just added in the previous tab would be gone.

 

9 hours ago, ChenXiu said:

I am not the owner of the "links" you want me to onClick.

I have no control over the Top10widgets.com whether they use onclick, target_blank, etc. What they have is what they have. It's a referral link that sends visitor to my website.

But you are the owner and have control over the content that a given URI returns, right?  If so, you could use JS to modify the behavior of these links.  Regardless of what you do, give thought whether you want state to be held by the client or server.

On 3/27/2022 at 5:06 AM, ChenXiu said:

 

If visitor is already on my website with $_POST values of widgets they've already priced, then midstream visitor decides to go to Top10widgets.Com and clicks their "SELL HERE" link to bring them back to my website, all existing $_POST data on my website gets lost because the "SELL HERE" link on Top10widgets.com is a $_GET request.

 

Now that you have clarified, when there is a link to your site, and you click on that link in another tab, it is going to open a new tab, because it is a separate request.   It is not going to override your existing session.  If your goal is to make the work in progress in the first session visible to this new session, then you should 100% stick with using sessions.  It is the only way you will provide a good experience across instances.

I would also pair that with ajax, so when people add an item to the cart, you don't require a submit.  The important thing is that during the ajax call you will store the state of the cart in your $_SESSION.  That way, any new browser session will have the current state of the cart.  Utilize your form post purely for the finalized submission of the cart.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.