Redirect while carying form data

**Mladen Gogala** · Dec 11 '06, 01:45 PM

Re: Redirect while carying form data

On Mon, 11 Dec 2006 07:00:58 -0500, bill wrote:

Is this were I would profitably use session variables ? I have
not explored that solution. Is there a better and/or easier one
other than bringing the user name and password in the URL ?

Session variables are definitely more secure then GET method, with
username and password plainly visible in the URL.

--

http://www.mladen-gogala.com

**no@emails.thx** · Dec 11 '06, 01:45 PM

Re: Redirect while carying form data

On Mon, 11 Dec 2006 07:00:58 -0500, bill <nobody@spamcop .netwrote:

>relative PHP newbie, not new to computing or web design
>
>Login page -get data page (bringing user name and password in
>form variables).
>
>get data page -display data page (bringing user name and
>password in hidden form variables).
>
>display data page -approval page (bringing user name and
>password in hidden form variables. Also bringing disposition in
>a form variable.)
>
>the problem is: from the approval page I want to redirect to the
>get data page, but need to bring along the user name and password
>so it does not get redirected back to the login page.
>
>Is this were I would profitably use session variables ? I have
>not explored that solution. Is there a better and/or easier one
>other than bringing the user name and password in the URL ?

Hi Bill

Sessions are your best bet. Also, after approving the user's login and
password it would be better just to store a flag in the session - or
better-still the user's ID number from their record in the database.
Then you just have to check if the session variable exists and it
should imply that the user has logged in and is approved. :o)

Each PHP page should start with session_start() and then just refer to
the variable like $_SESSION['userid']

Hope that helps
Chris R.

**bill** · Dec 11 '06, 02:55 PM

Re: Redirect while carying form data

no@emails.thx wrote:

On Mon, 11 Dec 2006 07:00:58 -0500, bill <nobody@spamcop .netwrote:
>

>relative PHP newbie, not new to computing or web design
>>
>Login page -get data page (bringing user name and password in
>form variables).
>>
>get data page -display data page (bringing user name and
>password in hidden form variables).
>>
>display data page -approval page (bringing user name and
>password in hidden form variables. Also bringing disposition in
>a form variable.)
>>
>the problem is: from the approval page I want to redirect to the
>get data page, but need to bring along the user name and password
>so it does not get redirected back to the login page.
>>
>Is this were I would profitably use session variables ? I have
>not explored that solution. Is there a better and/or easier one
>other than bringing the user name and password in the URL ?

>
Hi Bill
>
Sessions are your best bet. Also, after approving the user's login and
password it would be better just to store a flag in the session - or
better-still the user's ID number from their record in the database.
Then you just have to check if the session variable exists and it
should imply that the user has logged in and is approved. :o)
>
Each PHP page should start with session_start() and then just refer to
the variable like $_SESSION['userid']
>
Hope that helps
Chris R.

It does, thank you very much, great advice - next question is how
do I access the record number in mySQL ?

**no@emails.thx** · Dec 11 '06, 09:15 PM

Re: Redirect while carying form data

On Mon, 11 Dec 2006 10:17:07 -0500, bill <nobody@spamcop .netwrote:

>no@emails.th x wrote:

>On Mon, 11 Dec 2006 07:00:58 -0500, bill <nobody@spamcop .netwrote:
>>

>>relative PHP newbie, not new to computing or web design
>>>
>>Login page -get data page (bringing user name and password in
>>form variables).
>>>
>>get data page -display data page (bringing user name and
>>password in hidden form variables).
>>>
>>display data page -approval page (bringing user name and
>>password in hidden form variables. Also bringing disposition in
>>a form variable.)
>>>
>>the problem is: from the approval page I want to redirect to the
>>get data page, but need to bring along the user name and password
>>so it does not get redirected back to the login page.
>>>
>>Is this were I would profitably use session variables ? I have
>>not explored that solution. Is there a better and/or easier one
>>other than bringing the user name and password in the URL ?

>>
>Hi Bill
>>
>Sessions are your best bet. Also, after approving the user's login and
>password it would be better just to store a flag in the session - or
>better-still the user's ID number from their record in the database.
>Then you just have to check if the session variable exists and it
>should imply that the user has logged in and is approved. :o)
>>
>Each PHP page should start with session_start() and then just refer to
>the variable like $_SESSION['userid']
>>
>Hope that helps
>Chris R.

>
>It does, thank you very much, great advice - next question is how
>do I access the record number in mySQL ?

Well, when you create the rows make sure the first field in your user
schema is an integer with the autoincrement property set (and might as
well make it the primary key too). Then MySQL will generate a unique
number per row, which you will use to reference the row - that'll be
the userid. You will read the rows into an associative array etc etc.

Is that what you mean? :o)

Chris R.

**bill** · Dec 12 '06, 11:45 AM

Re: Redirect while carying form data

no@emails.thx wrote:

On Mon, 11 Dec 2006 10:17:07 -0500, bill <nobody@spamcop .netwrote:
>

>no@emails.thx wrote:

>>On Mon, 11 Dec 2006 07:00:58 -0500, bill <nobody@spamcop .netwrote:
>>>
>>>relative PHP newbie, not new to computing or web design
>>>>
>>>Login page -get data page (bringing user name and password in
>>>form variables).
>>>>
>>>get data page -display data page (bringing user name and
>>>password in hidden form variables).
>>>>
>>>display data page -approval page (bringing user name and
>>>password in hidden form variables. Also bringing disposition in
>>>a form variable.)
>>>>
>>>the problem is: from the approval page I want to redirect to the
>>>get data page, but need to bring along the user name and password
>>>so it does not get redirected back to the login page.
>>>>
>>>Is this were I would profitably use session variables ? I have
>>>not explored that solution. Is there a better and/or easier one
>>>other than bringing the user name and password in the URL ?
>>Hi Bill
>>>
>>Sessions are your best bet. Also, after approving the user's login and
>>password it would be better just to store a flag in the session - or
>>better-still the user's ID number from their record in the database.
>>Then you just have to check if the session variable exists and it
>>should imply that the user has logged in and is approved. :o)
>>>
>>Each PHP page should start with session_start() and then just refer to
>>the variable like $_SESSION['userid']
>>>
>>Hope that helps
>>Chris R.

>It does, thank you very much, great advice - next question is how
>do I access the record number in mySQL ?

>
Well, when you create the rows make sure the first field in your user
schema is an integer with the autoincrement property set (and might as
well make it the primary key too). Then MySQL will generate a unique
number per row, which you will use to reference the row - that'll be
the userid. You will read the rows into an associative array etc etc.
>
Is that what you mean? :o)
>
Chris R.

Ah, you said, "their id numbers". In my prior database
experience you could access the actual record number (which was
fairly random in a well ordered database). I see you are
assigning an _ID_ number, which is as you describe it.

In this case I am using a unique ID, non-numeric, which will suffice.

Thank you very much for the kind assistance to a newbie.
I will play with sessions this week.

bill

Redirect while carying form data

Redirect while carying form data

Comment

Comment

Comment

Comment

Comment