PHP Sessions Part 2

         

paseo

6:16 pm on Jan 26, 2007 (gmt 0)

10+ Year Member



Hi, I believe I have PHP sessions correctly set up and below is the environment it's working in. The form is divided into three (3) separate files: STEP1.PHP, STEP2.PHP and SUBMIT.PHP.

Step1.php collects information such as First and Last Names and when the form is submitted, this information is POSTED to STEP2.PHP. If you notice, there is NO call for SESSION_START(); anywhere in step1.php. Is this ok? Is this correct?

Step 2 takes the info posted from step1 and inserts it into the database. If you notice, there IS a call for session_start() in step 2. Once the first and last name are inserted into the db, the form on step 2 will collect the address information and POST this information to SUBMIT.PHP.

Submit.php has no forms on it and its only purpose is to insert the address data into the SAME ROW as the first and last name (hence the session requirement...).

My question: is session use properly set up in the environment? Is the code and syntax properly configured? Are there any improvements that can be applied to the setup to make use of session management more efficient / properly used (configured)?

THANKS!

----------------------
STEP1.PHP
----------------------

<form method="post" action="step2.php" name="form1" id="form1">

<label for="FirstName"><strong>First Name</strong></label>
<input type="text" id="FirstName" name="FirstName"/>

<label for="LastName"><strong>Last Name</strong></label>
<input type="text" id="LastName" name="LastName"/>

<input type="submit" id="submit-" value="Continue">

</form>

----------------------
STEP2.PHP
----------------------

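<?php

// Start (or resume) the session so the new row's id can be carried to submit.php.
session_start();

include ("/sec/dbinfo.php");

mysql_connect("$db_ip","$db_user","$db_pass");
mysql_select_db("$db_name");

// Escape the posted values before placing them in the SQL string.
$FirstName = mysql_real_escape_string($_POST['FirstName']);
$LastName = mysql_real_escape_string($_POST['LastName']);

$sql = "INSERT INTO $table (FirstName,LastName) VALUES ('$FirstName', '$LastName')";

// On failure this prints the SQL statement and the MySQL error to the page.
mysql_query($sql) or die("SQL: $sql<br />".mysql_error());

// Remember the id of the row just inserted; submit.php updates that row.
$_SESSION['last_insert_id'] = mysql_insert_id();

?>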

<form method="post" action="submit.php" name="cusform" id="cusform">

<label for="Address">Address</label>
<input type="text" id="Address" name="Address"/>

<input type="submit" id="submit-" value="Submit"/>

</form>

----------------------
SUBMIT.PHP
----------------------

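<?php

// Resume the session started in step2.php to read the stored row id.
session_start();

include ("/sec/dbinfo.php");

mysql_connect("$db_ip","$db_user","$db_pass");
mysql_select_db("$db_name");

// Escape the posted address before placing it in the SQL string.
$Address = mysql_real_escape_string($_POST['Address']);

// The row to update comes from the session, cast to an integer, not from the form.
$sql = "UPDATE mapp SET Address='$Address' WHERE id='".(int)$_SESSION['last_insert_id']."'";

// On failure this prints the SQL statement and the MySQL error to the page.
mysql_query($sql) or die("SQL: $sql<br />".mysql_error());

?>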

--------------

paseo

9:35 pm on Jan 26, 2007 (gmt 0)

10+ Year Member



Based upon what I could figure out from the code, we're not really using sessions at all. I mean a session is being created, but the code is not really making use of it.

Aren't the variables' data supposed to be stored in a session "buffer"? Right now all the data is being pulled from the _POST.

cameraman

12:24 am on Jan 27, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



In submit.php you're getting the db record id from the session, so you are using sessions.
If you have db available to you, in my opinion it's better to store the info there than in sessions (which is right on track with the way you have this laid out).
Must have been in part 1 but I recall your saying that some people leave before completing the process, so it sounds like you should be getting them into the database as soon as you can. If you left the info in the SESSION until they got to the Submit button, you'd lose the ones who left before that point.
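
An added example (not code from any poster in this thread) of the same flow: the row id is carried in the session, prepared statements replace the escaped strings, and a request that reaches submit.php without a session id is refused. It assumes PHP 7+ with PDO and uses in-memory SQLite in place of the thread's MySQL so it runs offline; `step2()` and `submit()` are hypothetical helper names, and the sample names and addresses are constructed.

```php
<?php
// Added example, not the poster's code. PDO + in-memory SQLite stand in for
// the MySQL setup; table and column names follow the thread.
// step2() and submit() are hypothetical helpers: in the real pages you would
// call session_start() and pass $_POST and $_SESSION.

function step2(PDO $db, array $post, array &$session): bool {
    $first = trim($post['FirstName'] ?? '');
    $last  = trim($post['LastName'] ?? '');
    if ($first === '' || $last === '') {
        return false;                       // nothing posted: do not insert an empty row
    }
    $stmt = $db->prepare('INSERT INTO mapp (FirstName, LastName) VALUES (?, ?)');
    $stmt->execute([$first, $last]);
    // The row id lives server-side in the session; the browser never sends it.
    $session['last_insert_id'] = (int) $db->lastInsertId();
    return true;
}

function submit(PDO $db, array $post, array &$session): bool {
    // Direct hit on submit.php or an expired session: no id, so no UPDATE.
    if (empty($session['last_insert_id']) || !isset($post['Address'])) {
        return false;
    }
    $stmt = $db->prepare('UPDATE mapp SET Address = ? WHERE id = ?');
    $stmt->execute([$post['Address'], $session['last_insert_id']]);
    unset($session['last_insert_id']);      // a re-posted form cannot rewrite the row
    return $stmt->rowCount() === 1;
}

// Constructed demo data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE mapp (id INTEGER PRIMARY KEY, FirstName TEXT, LastName TEXT, Address TEXT)');

$session = [];
var_dump(submit($db, ['Address' => '1 Main St'], $session));   // submit.php before step 2
var_dump(step2($db, ['FirstName' => 'Ann', 'LastName' => "O'Neil"], $session));
var_dump(submit($db, ['Address' => '1 Main St'], $session));   // normal completion
var_dump(submit($db, ['Address' => '2 Elm St'], $session));    // replayed POST
print_r($db->query('SELECT * FROM mapp')->fetchAll(PDO::FETCH_ASSOC));
```

Clearing the id after the update is a design choice made for this example; keep it in the session instead if users should be able to correct the address within the same visit.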