NYCPHP Meetup

NYPHP.org

[nycphp-talk] lost sessions on redirect

Christina Karlhoff christinak at wll.com
Mon Feb 9 22:08:30 EST 2009 

Hi Michael,
 
on the processing page after the form array is verified and email
address is validated,
 
the code goes like this:
 
 
if ($_POST) {
    
        // save post into a cookie to retrieve later - careful with
captcha fields, do not restore those in interface
        
        setcookie("form", serialize($_POST), time()+300);
 
        if (captcha::check()) {
                if (verify_form($required, $_POST)) {
    //follow the same structure as verify form.  So now, if the form is
verified, we continue. Otherwise we will error out with redirect
    if ( (validate_email($email)) ) {
 
   // redirect to this url on full success and email form
                        header('Location:
http://www.wll.com/thankyou.shtml');
   $_POST['RemoteIP'] = $_SERVER['REMOTE_ADDR'];
                        mail_form(SENDER, RECIPIENT, SUBJECT, $_POST);
                } else {
          // If not validate email;
            header('Location: ' . $_SERVER['HTTP_REFERER']);
           } 
        } else {
      // If verify form failed
         header('Location: ' . $_SERVER['HTTP_REFERER']);
       }
       exit;
       } else {
        // if not capture
         $_SESSION["error"] = 'Verification word does not match';
        header('Location: ' . $_SERVER['HTTP_REFERER']);
       }
       exit;
} else {
   // if no $_POST variable
   if ($HTTP_COOKIE_VARS['form']) {
   //$form array can be used to set form field values
   // this server sucks, need to remove added slashes
   $form = unserialize(stripslashes($HTTP_COOKIE_VARS['form']));
 
   // destroy cookie on client side
   setcookie('form', '');
  }
  // echo $captcha puts captcha anywhere in the interface
         $captcha = captcha::form("→ ");
 }

 

Back on the page containing the form, a block of code linking session
"error" to the data array 

if ($_SESSION["error"]) {
    echo '<font color="red">' . $_SESSION["error"] . '</font>';
    unset($_SESSION["error"]);
   }
 

and reference to the required form data is tucked away:   

 <form action="quote.php" method="POST">
  <input type="hidden" name="print_blank_fields" value="1">
        <!--<input type=hidden name="sort" value="order:Contact
Name,Company,Street,City,State,Zip Code,email,Phone,Fax,EMC Compliance
Testing,Product Safety,Educational Seminars,Site
Surveys,Telecom,Wireless Approvals,Consulting and EMC Specialties, PCS
Site Surveys,Other,Comments">-->
        <center>


 

So i understand that session error shows which required field was not
entered by the user... but, what happens to the session vars with the
form data?

 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20090209/21cd0225/attachment.html>

More information about the talk mailing list