neophyte - 2:05 am on May 8, 2012 (gmt 0)
Hello All -
I'm working on a project that has various "secure" multi-page form sections that need to be filled out from beginning to end.
The issue is, what to do if someone (or a bot) trys to enter into a 4-page form section on page 2, or 3 (or whatever)?
Naturally, if this is detected, I'll redirect the user back to page 1... but how to detect if the previous sections have been filled out?
I could use $_SESSION data for each page of each form section, but the way the application was initially written, this is proving to be a real pain.
So, I've come up with the idea of a using a $_GET variable (based upon time() + 3600 seconds). Each secure page within a section would have this variable. If the variable is not present, or if the current time > than the variable, the person would be re-directed.
I'm kinda grasping at straws as to how to address this... all "best practices" advice on how to handle this type of challenge is truly appreciated.