Session variables and form data

Forum Moderators: coopster

Message Too Old, No Replies

Session variables and form data

Can't shake old form value

salewit

3:44 am on Apr 4, 2007 (gmt 0)

Below I've got a simple form using session variables. If I enter "1234" in this form, then go to the next page and come back OR refresh this page, no matter what I enter, the "1234" stays locked into the variable $test.

Even if I remove the value='$test' in the input tag, I'm still locked into my previous entry. Is this something so ridiculously simple?

Thx
Sam


<?php
session_start();
 if(isset($submit_button)){
 $_SESSION["var"] = $var;
 echo "Var = $var";
 exit;
 }
?>
<html><head>
<title>Test</title>
</head>
<body>
<?php
echo "<form method=\"post\" name=\"form\" action=\"{$_SERVER['PHP_SELF']}\">";
echo "<input type=\"text\" name=\"var\" value=\"$var\">";
?>
<input type="submit" name="submit_button" value="Submit">
</form>
</body>
</html>

capulet_x

4:01 am on Apr 4, 2007 (gmt 0)

Hope this helps.

<?php
// you have to open the session to be able to modify or remove it
session_start();

// to change a variable, just overwrite it
$_SESSION['size']='large';

//you can remove a single variable in the session
unset($_SESSION['shape']);

// or this would remove all the variables in the session, but not the session itself
session_unset();

// this would destroy the session variables
session_destroy();
?>

salewit

4:17 am on Apr 4, 2007 (gmt 0)

Hmmmm I'm not sure that helps at all. I'm familiar with all those session functions and I don't see how any of those relates to this particular problem.

I'm trying to get the POST data from an input to change after it gets initially set.

capulet_x

4:32 am on Apr 4, 2007 (gmt 0)

I guess I was trying to suggest that you remove the session var before submitting a new value

capulet_x

4:39 am on Apr 4, 2007 (gmt 0)

It looks like your session var is being called into your form. Where is $test?

salewit

5:08 am on Apr 4, 2007 (gmt 0)

I knew I screwed that up. I changed it from $test to $var to clarify things (so much for that!). My post should have read:

Even if I remove the value='$var' in the input tag, I'm still locked into my previous entry. Is this something so ridiculously simple?

salewit

5:12 am on Apr 4, 2007 (gmt 0)

Let me ask this in a simplified way....

Suppose I was creating a form asking for your credit card number. You enter the number, and then click on SUBMIT. The number gets sent to the merchant. The transaction fails due to a wrong credit card number. The user clicks on his BACK button and re-enters the correct number.

This is kind of what I'm trying to do. I'm using session variables for page to page continuity. In the above example, the user would never be able to change their number in my example above as it somehow got locked in with the original data.

willybfriendly

5:22 am on Apr 4, 2007 (gmt 0)

What happens if you change this:

$_SESSION["var"] = $var;
echo "Var = $var";
exit;

to:

$_SESSION[var] = $_POST[var];
echo "Var = $var";
exit;

BTW - always good to sanitize post data...

WBF

salewit

6:35 am on Apr 4, 2007 (gmt 0)

I looked at my real code, and this is how I have it:


<?php
session_start();
$var = $_POST['var'];
if(isset($submit_button)){
$_SESSION["var"] = $var;etc...

So that seems like it may be the same thing, no?

And of course there's some sanitizing going on behind the scenes.