ChefMaha
asked on
Session Value Lost in next page
Hi,
I have a session variable ($_SESSION['email']) on the page: personalinfo.php. now after I submit the form on personalinfo.php, the browser automatically navigates to traininginfo.php. It achieves this with the javascript: window.location.replace('t
now, my problem is that if I try to access the session variable on traininginfo.php, it displays "blank".
where could I have gone wrong?
I have a session variable ($_SESSION['email']) on the page: personalinfo.php. now after I submit the form on personalinfo.php, the browser automatically navigates to traininginfo.php. It achieves this with the javascript: window.location.replace('t
now, my problem is that if I try to access the session variable on traininginfo.php, it displays "blank".
where could I have gone wrong?
//personalinfo.php
<?php
require_once('connection.php');
/**
* This function can be used to check the sanity of variables
*
* @access private
*
* @param string $type The type of variable can be bool, float, numeric, string, array, or object
* @param string $string The variable name you would like to check
* @param string $length The maximum length of the variable
*
* return bool
*/
function sanityCheck($string, $type, $maxlength, $minlength){
// assign the type
$type = 'is_'.$type;
$string = trim($string);
if(!$type($string))
{
return FALSE;
}
// now we see if there is anything in the string
elseif(empty($string))
{
return FALSE;
}
// then we check how long the string is
elseif(strlen($string) > $maxlength || strlen($string) < $minlength)
{
return FALSE;
}
else
{
return true;
}
}
/**
* This function if the $_POST vars are set
*
* @access private
*
* return bool
*/
function checkSet(){
return isset($_POST['FullName'], $_POST['HomePhone'], $_POST['CellPhone'], $_POST['Email'], $_POST['Occupation'], $_POST['WorkPlace'], $_POST['Sex'], $_POST['MaritalStatus']);
}
function checkNumber($num, $maxlength, $minlength){
$num = trim($num);
if($num > 0 && strlen($num) <= $maxlength && strlen($num)>= $minlength)
{
return ereg("^[0-9]{1,}-?[0-9]{1,}-?[0-9]{1,}-?[0-9]{1,}$", $num);
}
else
{
return false;
}
}
function checkEmail($email){
$regexp='/^[a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/';
return preg_match($regexp, trim($email));
}
if ($_POST['process'] == 1)
{
$FullName = $_POST['FullName'];
$HomePhone = $_POST['HomePhone'];
$WorkPhone = $_POST['WorkPhone'];
$CellPhone = $_POST['CellPhone'];
$POBox = $_POST['POBox'];
$Fax = $_POST['Fax'];
$Email = $_POST['Email'];
//store Email in session
session_start();
$_SESSION['email'] = $Email;
$Sex = $_POST['Sex'];
$MaritalStatus = $_POST['MaritalStatus'];
$Occupation = $_POST['Occupation'];
$WorkPlace = $_POST['WorkPlace'];
if(checkSet())
{
if(sanityCheck($_POST['FullName'], 'string', 50, 11) )
{
if(checkNumber($_POST['HomePhone'], 16, 7))
{
if(checkNumber($_POST['CellPhone'], 17, 10))
{
if(checkEmail($_POST['Email']) != FALSE)
{
if(sanityCheck($_POST['Occupation'], 'string', 50, 3))
{
if(sanityCheck($_POST['WorkPlace'], 'string', 50, 3))
{
if(!checkNumber($_POST['WorkPhone'], 16, 7))
{
$WorkPhone = '';
}
if(!checkNumber($_POST['Fax'], 16, 7))
{
$Fax = '';
}
if(!checkNumber($_POST['POBox'], 5, 5))
{
$POBox = '';
}
$strSQL = "INSERT INTO VOLUNTEER Values ('" . $FullName . "','" . $HomePhone . "','" .$WorkPhone . "', '" . $CellPhone . "', '" .$Fax . "', '" .$POBox . "', '" . $Email . "', '" . $Sex . "', '" .$MaritalStatus . "', '" .$Occupation . "', '" .$WorkPlace . "')" ;
mysql_query("set names 'utf8'");
$strResult = mysql_query($strSQL) or
$ErrorMessage = '%FQC #/.D* 'D'3E #H 'D(1J/ 'D'DC*1HFJ D4.5 ".1 E3,QD D/JF'';
if($ErrorMessage != '%FQC #/.D* 'D'3E #H 'D(1J/ 'D'DC*1HFJ D4.5 ".1 E3,QD D/JF'')
{
?>
<script language=javascript>
window.location.replace('traininginfo.php');
</script>
<?php
}
}
else
{
$ErrorMessage = '%F ,G) 'D9ED :J1 5-J-)';
}
}
else
{
$ErrorMessage = '%F 'DEGF) :J1 5-J-)';
}
}
else
{
// if all is not well we echo an error message
$ErrorMessage ='%F 'D(1J/ 'D'DC*1HFJ :J1 5-J-';
}
}
else
{
$ErrorMessage = '%F 1BE 'D,H'D :J1 5-J-';
}
}
else
{
$ErrorMessage = '%F 1BE 'DG'*A :J1 5-J-';
}
}
else
{
$ErrorMessage = "%F '3EC 'D+D'+J :J1 5-J-";
}
}
else
{
$ErrorMessage = "A6D'K 'ED# ,EJ9 'D-BHD 'D61H1J)";
}
}
?>
<?php require_once('header.php'); ?>
<!-- cell part of outer table -->
<td dir="rtl" valign="top">
<!-- beginning of table containing all body contents -->
<table align="center" cellpadding="10" name="BodyTable">
<tr>
<td valign="top">
<!-- beginning of links table -->
<table cellpadding="5" align="right" name = "LinksTable">
<tr width="100px">
<td align="right">
<a href="personalinfo.php" style="color: #D75A27">E9DHE'* 4.5J)</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="traininginfo.php" style="color: #E2E2E2">'D/H1'* HH14 'D9ED</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="languages.php" style="color: #E2E2E2">D:'*</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="preferredwork.php" style="color: #E2E2E2">'D#9E'D 'D*7H9J) 'DEA6D)</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="skills.php" style="color: #E2E2E2">EG'1'*</a>
</td>
</tr>
<!-- end of links table -->
</table>
<!-- end of first cell inside BodyTable -->
</td>
<!-- beginning of second cell inside BodyTable -->
<td>
<?php
$ErrorMessage = $_SESSION['email'];
if(ErrorMessage != "")
{ echo '<p style="color: #D75A27; text-align: center; font-weight:bold; font-size: 12pt">' . htmlspecialchars($ErrorMessage) . '</p>'; } ?>
<form name="thisForm" id="thisForm" accept-charset="utf-8"; method="post"; action="<?php echo $PHP_SELF; ?>" ; enctype="multipart/form-data: charset=utf-8 " >
<FIELDSET style="width:300">
<LEGEND style="color:"><b>E9DHE'* 4.5J)</b></LEGEND>
<!-- beginning of FormTable -->
<table align="right" cellspacing="15px" class="form" name="FormTable">
<tr>
<td align="right" style="width:100"><b>
'D'3E 'D+D'+J</b>
</td>
<td>
<input type="text" name="FullName" value="<? print $FullName; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
G'*A 'DEF2D
</b>
</td>
<td>
<input type="text" name="HomePhone" value="<?print $HomePhone; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
G'*A 'D9ED
</b>
</td>
<td >
<input type="text" name="WorkPhone" value="<?print $WorkPhone; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
'D,H'D
</b>
</td>
<td>
<input type="text" name="CellPhone" value="<?print $CellPhone; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td ><b>
'DA'C3
</b>
</td>
<td>
<input type="text" name="Fax" value="<?print $Fax; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
5.(
</b>
</td>
<td>
<input type="text" name="POBox" value="<?print $POBox; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
'D(1J/ 'D'DC*1HFJ
</b>
</td>
<td>
<input type="text" name="Email" value="<?print $Email; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td>
'D,F3
</td>
<td>
<input type="radio" name="Sex" <?php if($Sex == "f"){echo " CHECKED";}?> value="f" /> #F+I
<input type="radio" name="Sex" <?php if($Sex == "m"){echo " CHECKED";}?> value="m" /> 0C1
</td>
</tr>
<tr align="right">
<td>
'D-'D) 'D',*E'9J)
</td>
<td>
<input type="radio" name="MaritalStatus" <?php if($MaritalStatus == "E*2H,"){echo " CHECKED";}?> value="E*2H," /> E*2H,
<input type="radio" name="MaritalStatus" <?php if($MaritalStatus == "#92("){echo " CHECKED";}?> value="#92(" /> #92(
</td>
</tr>
<tr align="right">
<td style="width:100"><b>
'DEGF)
</b>
</td>
<td>
<input type="text" name="Occupation" value="<?print $Occupation; ?>"/> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
,G) 'D9ED
</b>
</td>
<td>
<input type="text" name="WorkPlace" value="<?print $WorkPlace; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<!-- end of FormTable-->
</table>
</FIELDSET>
<br>
<input type="hidden" name="process" value="1">
<input type="submit" name="Continue" size="10" value="'D*'DJ >>" />
<!-- end of second cell inside BodyTable -->
</td>
</tr>
<!-- end of table containing all body contents -->
</table>
<!-- end of mid cell in outer table -->
</td>
</form>
<td width="155" bgcolor="#296566" valign="top"><img src="images/swirl.jpg" /></td>
</tr>
<?php require_once('footer.php'); ?>
//traininginfo.php
<?php
session_start();
require_once('connection.php');
/**
* This function can be used to check the sanity of variables
*
* @access private
*
* @param string $type The type of variable can be bool, float, numeric, string, array, or object
* @param string $string The variable name you would like to check
* @param string $length The maximum length of the variable
*
* return bool
*/
function sanityCheck($string, $type, $maxlength, $minlength){
// assign the type
$type = 'is_'.$type;
$string = trim($string);
if(!$type($string))
{
return FALSE;
}
// now we see if there is anything in the string
elseif(empty($string))
{
return FALSE;
}
// then we check how long the string is
elseif(strlen($string) > $maxlength || strlen($string) < $minlength)
{
return FALSE;
}
else
{
return true;
}
}
// checks that all required fields are filled
function checkSet(){
return (isset($_POST['CourseName'], $_POST['CourseInstructor']) && $_POST['CourseMonth'] != 'Month' && $_POST['CourseYear'] != 'Year');
}
if ($_POST['process'] == 1)
{
$Email = $_SESSION['email'];
$CourseName = $_POST['CourseName'];
$CourseInstructor = $_POST['CourseInstructor'];
$CourseTitle = $_POST['CourseTitle'];
$CourseMonth = $_POST['CourseMonth'];
$CourseYear = $_POST['CourseYear'];
if(checkSet())
{
if(sanityCheck($_POST['CourseName'], 'string', 70, 2) )
{
if(sanityCheck($_POST['CourseInstructor'], 'string', 100, 3))
{
if(!sanityCheck($_POST['CourseTitle'], 'string', 70, 3))
{
$CourseTitle='';
}
$strSQL = "INSERT INTO VOLUNTEER_TRAINING Values ('" . $Email . "','" . $CourseName . "','" .$CourseInstructor . "', '" . $CourseTitle . "', '" .$CourseMonth . "', '" .$CourseYear . "')" ;
mysql_query("set names 'utf8'");
$strResult = mysql_query($strSQL) or $ErrorMessage='%F '3E 'D/H1) EC11';
}
else
{
$ErrorMessage = '%F 'DE-'61 :J1 5-J-';
}
}
else
{
// if all is not well we echo an error message
$ErrorMessage ='%F '3E 'D/H1) :J1 5-J-';
}
}
else
{
$ErrorMessage = "A6D'K 'ED# ,EJ9 'D-BHD 'D61H1J)";
}
}
?>
<?php require_once('header.php'); ?>
<!-- cell part of outer table -->
<td dir="rtl" valign="top">
<!-- beginning of table containing all body contents -->
<table align="center" cellpadding="10" name="BodyTable">
<tr>
<!-- beginning of first cell inside BodyTable -->
<td valign="top">
<!-- beginning of links table -->
<table cellpadding="5" align="right" name = "LinksTable">
<tr width="250">
<td align="right">
<a href="personalinfo.php" style="color: #E2E2E2">E9DHE'* 4.5J)</a>
</td>
</tr>
<tr width="200px">
<td align="right">
<a href="traininginfo.php" style="color: #D75A27">'D/H1'* HH14 'D9ED</a>
</td>
</tr>
<tr width="200px">
<td align="right">
<a href="languages.php" style="color: #E2E2E2">D:'*</a>
</td>
</tr>
<tr width="200px">
<td align="right">
<a href="preferredwork.php" style="color: #E2E2E2">'D#9E'D 'D*7H9J) 'DEA6D)</a>
</td>
</tr>
<tr width="200px">
<td align="right">
<a href="skills.php" style="color: #E2E2E2">EG'1'*</a>
</td>
</tr>
<!-- end of links table -->
</table>
<!-- end of first cell inside BodyTable -->
</td>
<!-- beginning of second cell inside BodyTable -->
<td>
<?php
$ErrorMessage = $_SESSION['email'];
if(ErrorMessage != "")
{ echo '<p style="color: #D75A27; text-align: center; font-weight:bold">' . htmlspecialchars($ErrorMessage) . '</p>'; } ?>
<form name="thisForm" id="thisForm" accept-charset="utf-8"; method="post"; action="<?php echo $PHP_SELF; ?>" ; enctype="multipart/form-data: charset=utf-8 " >
<FIELDSET style="width:300">
<LEGEND style="color:296566"><b>'D/H1'* H H14 'D9ED 'DE,*'2)</b></LEGEND>
<br>
<!-- beginning of FormTable -->
<table cellpadding=3px class="form" name="FormTable" align="right">
<tr>
<td width=150px>
'3E 'D/H1)
</td>
<td>
<input type="text" name="CourseName" value="<?php echo $CourseName ?>" />
</td>
</tr>
<tr>
<td>
المحاضر
</td>
<td>
<input type="text" name="CourseInstructor" value="<?php echo $CourseInstructor ?>" />
</td>
</tr>
<tr>
<td>
9FH'FG'
</td>
<td>
<input type="text" name="CourseTitle" value="<?php echo $CourseTitle ?>" />
</td>
</tr>
<tr>
<td>
*'1J. 'F9B'/G'
</td>
<td>
<select name="CourseMonth">
<option value="Month">4G1</option>
<option value="01"<?php if($CourseMonth == "01"){echo " SELECTED";}?>>01</option>
<option value="02"<?php if($CourseMonth == "02"){echo " SELECTED";}?>>02</option>
<option value="03"<?php if($CourseMonth == "03"){echo " SELECTED";}?>>03</option>
<option value="04"<?php if($CourseMonth == "04"){echo " SELECTED";}?>>04</option>
<option value="05"<?php if($CourseMonth== "05"){echo " SELECTED";}?>>05</option>
<option value="06"<?php if($CourseMonth == "06"){echo " SELECTED";}?>>06</option>
<option value="07"<?php if($CourseMonth == "07"){echo " SELECTED";}?>>07</option>
<option value="08"<?php if($CourseMonth == "08"){echo " SELECTED";}?>>08</option>
<option value="09"<?php if($CourseMonth== "09"){echo " SELECTED";}?>>09</option>
<option value="10"<?php if($CourseMonth== "10"){echo " SELECTED";}?>>10</option>
<option value="11"<?php if($CourseMonth == "11"){echo " SELECTED";}?>>11</option>
<option value="12"<?php if($CourseMonth == "12"){echo " SELECTED";}?>>12</option>
</select>
<select name="CourseYear">
<option value="Year">3F)</option>
<option value="08"<?php if($CourseYear == "08"){echo " SELECTED";}?>>08</option>
<option value="07"<?php if($CourseYear == "07"){echo " SELECTED";}?>>07</option>
<option value="06"<?php if($CourseYear == "06"){echo " SELECTED";}?>>06</option>
<option value="05"<?php if($CourseYear == "05"){echo " SELECTED";}?>>05</option>
<option value="04"<?php if($CourseYear == "04"){echo " SELECTED";}?>>04</option>
<option value="03"<?php if($CourseYear == "03"){echo " SELECTED";}?>>03</option>
<option value="02"<?php if($CourseYear == "02"){echo " SELECTED";}?>>02</option>
<option value="01"<?php if($CourseYear == "01"){echo " SELECTED";}?>>01</option>
<option value="00"<?php if($CourseYear == "00"){echo " SELECTED";}?>>00</option>
<option value="99"<?php if($CourseYear == "99"){echo " SELECTED";}?>>99</option>
<option value="98"<?php if($CourseYear == "98"){echo " SELECTED";}?>>98</option>
<option value="97"<?php if($CourseYear == "97"){echo " SELECTED";}?>>97</option>
<option value="96"<?php if($CourseYear == "96"){echo " SELECTED";}?>>96</option>
<option value="95"<?php if($CourseYear == "95"){echo " SELECTED";}?>>95</option>
<option value="94"<?php if($CourseYear == "94"){echo " SELECTED";}?>>94</option>
<option value="93"<?php if($CourseYear == "93"){echo " SELECTED";}?>>93</option>
<option value="92"<?php if($CourseYear == "92"){echo " SELECTED";}?>>92</option>
<option value="91"<?php if($CourseYear == "91"){echo " SELECTED";}?>>91</option>
<option value="90"<?php if($CourseYear == "90"){echo " SELECTED";}?>>90</option>
<option value="89"<?php if($CourseYear == "89"){echo " SELECTED";}?>>89</option>
<option value="88"<?php if($CourseYear == "88"){echo " SELECTED";}?>>88</option>
<option value="87"<?php if($CourseYear == "87"){echo " SELECTED";}?>>87</option>
<option value="86"<?php if($CourseYear == "86"){echo " SELECTED";}?>>86</option>
<option value="85"<?php if($CourseYear == "85"){echo " SELECTED";}?>>85</option>
<option value="84"<?php if($CourseYear == "84"){echo " SELECTED";}?>>84</option>
<option value="83"<?php if($CourseYear == "83"){echo " SELECTED";}?>>83</option>
<option value="82"<?php if($CourseYear == "82"){echo " SELECTED";}?>>82</option>
<option value="81"<?php if($CourseYear == "81"){echo " SELECTED";}?>>81</option>
<option value="80"<?php if($CourseYear == "80"){echo " SELECTED";}?>>80</option>
<option value="79"<?php if($CourseYear == "79"){echo " SELECTED";}?>>79</option>
<option value="78"<?php if($CourseYear == "78"){echo " SELECTED";}?>>78</option>
<option value="77"<?php if($CourseYear == "77"){echo " SELECTED";}?>>77</option>
<option value="76"<?php if($CourseYear == "76"){echo " SELECTED";}?>>76</option>
<option value="75"<?php if($CourseYear == "75"){echo " SELECTED";}?>>75</option>
</select>
</td>
</tr>
<tr ><td align="center" colspan="2">
<input type="hidden" name="process" value="1">
<br>
<input type="submit" name="Save" size="10" value="-A8" />
</td></tr>
</table>
</FIELDSET>
<br>
<a href="languages.php?$email=".$email style="color: #106E6A" align="left" ><b>'D*'DJ >> </b></a>
<!-- end of second cell inside BodyTable -->
</td>
</tr>
<!-- end of BodyTable -->
</table>
</form>
<!-- end of mid cell in outer table -->
</td>
<td width="155" bgcolor="#296566" valign="top"><img src="images/swirl.jpg" /></td>
</tr>
<?php require_once('footer.php'); ?>
Roonaan
Have you added session_start() to all your scripts?
You need to keep open all your sessions with session_start() before anything.
********on all files using the session variables.
ASKER
I am using session_start() on both files (before the html tag and before accessing the session variable)
what does print_r($_SESSION) give you? Do you have register_globals on or off?
ASKER
print_r($_SESSION) gives me blank (nothing)
and i haven't set register_globals to anything
and i haven't set register_globals to anything
Can you add below line and be sure that the session id stays the same?
echo '[Session Id: '.session_id().']';
echo '[Session Id: '.session_id().']';
ASKER
I tried it. the session id is the same on both pages
Instead of the window.location.replace can you try and use:
window.location.replace('t
Also I see a lot of
if($a) {
if($b) {
if($c) {
}
} else {
$ErrorMessage ='asdasd';
}
} else {
$ErrorMessage = 'adadsad';
}
It is far more easier to maintain and for others to interpret, if you'd used:
if(!$a) {
$ErrorMessage = 'adadsad';
} else if (!$b) {
$ErrorMessage = 'dadads';
} else {
// all good.
}
Kind regards
-r-
window.location.replace('t
Also I see a lot of
if($a) {
if($b) {
if($c) {
}
} else {
$ErrorMessage ='asdasd';
}
} else {
$ErrorMessage = 'adadsad';
}
It is far more easier to maintain and for others to interpret, if you'd used:
if(!$a) {
$ErrorMessage = 'adadsad';
} else if (!$b) {
$ErrorMessage = 'dadads';
} else {
// all good.
}
Kind regards
-r-
ASKER
thanks it worked!
and I appreciate your advice on the code. and you're right. but my problem is that I want all conditions to be true in order to execute the db insert command. so that's the only way I was able to organize the if statements!
I really appreciate your advice though..
but one last question before I accept your answer. the window.location.replace statement you gave me; does it have to do with session? or is it a query string?
in other words, can I remove the session statements from my code?
and I appreciate your advice on the code. and you're right. but my problem is that I want all conditions to be true in order to execute the db insert command. so that's the only way I was able to organize the if statements!
I really appreciate your advice though..
but one last question before I accept your answer. the window.location.replace statement you gave me; does it have to do with session? or is it a query string?
in other words, can I remove the session statements from my code?
It uses a querystring and therefor is not a safe way. I posted the code to determine if the $Email variable was actually set properly. (You could tell from the url).
If this code however makes the rest of your script work, then it implies that register_globals = On. This means that any entry in the $_POST, $_GET, $_COOKIE and $_SESSION is turned into a global var automatically
If you then change the $email variable anywhere in your code, it affects your session variable. This might explain the strange behavior.
Depending on the scope of your website (private / intranet / internet) you could choose to use the querystring instead of a session. An alternative is to pass the primairy key of the record you just added into the VOLUNTEERS table. If you have an auto increment field in the table, you could have mysql_insert_id() after you run the insert query.
$recordPrimairyKey = mysql_insert_id();
Kind regards
-r-
If this code however makes the rest of your script work, then it implies that register_globals = On. This means that any entry in the $_POST, $_GET, $_COOKIE and $_SESSION is turned into a global var automatically
If you then change the $email variable anywhere in your code, it affects your session variable. This might explain the strange behavior.
Depending on the scope of your website (private / intranet / internet) you could choose to use the querystring instead of a session. An alternative is to pass the primairy key of the record you just added into the VOLUNTEERS table. If you have an auto increment field in the table, you could have mysql_insert_id() after you run the insert query.
$recordPrimairyKey = mysql_insert_id();
Kind regards
-r-
ASKER
I'm sorry pal
the last message you posted kind of "not clear" and a bit tangled up. will you please clarify?
thanks
the last message you posted kind of "not clear" and a bit tangled up. will you please clarify?
thanks
Query string might prove a workable solution, but passing the email in such a way allows for manual manipulation by people with bad intentions. (Spammers or spambot scripts).
If it is an intranet application or at least fairly locked away, then this will not be an issue.
When it it a public website, then you might need to look into other ways to track the users between the two pages.
As you add a new record to the VOLUNTEERS table just before continueing to your second page, you could take the primairy key field value of the new record and pass it on. On the second script you can use that id to retrieve the volunteers record from the database and get his/her email from it.
If it is an intranet application or at least fairly locked away, then this will not be an issue.
When it it a public website, then you might need to look into other ways to track the users between the two pages.
As you add a new record to the VOLUNTEERS table just before continueing to your second page, you could take the primairy key field value of the new record and pass it on. On the second script you can use that id to retrieve the volunteers record from the database and get his/her email from it.
ASKER
the problem is that the email is the primary key of the record.. can't I use session to achieve this?
ASKER
btw my application is a website. so, security is a main factor
Then you should only test the email in your second script, if it actually exists in your database.
ASKER
aha not a bad idea.. mmmm but u know what it's not just 2 pages I have 5 pages in a row that all need to access the $Email variable. that's why I thought session would be the most appropriate way to achieve that.. don't you think so?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks for your help.. i appreciate it alot. My work day has finished so i'll follow up with you tomorrow morning on this subject.
I would like to use the SESSION variable and find out what the problem is exactly. I'd appreciate it if we could work this through together
c ya tomorrow morning!
I would like to use the SESSION variable and find out what the problem is exactly. I'd appreciate it if we could work this through together
c ya tomorrow morning!
Might be that I get in late. I'm in europe/paris timezone. But I try to follow up.
ASKER
good morning
I followed both your guidelines:
1. use $_SESSION['sess_email'] instead of $_SESSION['email']
2. put the session_start() in your connection.php
but still no luck :(
what could the problem possibly be?
I followed both your guidelines:
1. use $_SESSION['sess_email'] instead of $_SESSION['email']
2. put the session_start() in your connection.php
but still no luck :(
what could the problem possibly be?
ASKER
by the way, when I try to print the session on the same page where it is saved (personalinfo.php) - I get the correct result. So, I believe maybe the problem has to do with the way I am navigating to the next page (window.location.replace).
As the session id does not change and is the same on both pages you would think that the browser re-opens the correct session.
Can you run this test script? (Save an separate file, and run it a couple of times from your browser)
<?php
# Enable error reporting
error_reporting(E_ALL);
ini_set('display_errors', true);
# Start session
session_start();
# See if the 'history' array is available in the session
if(!isset($_SESSION['visit
echo '<br/>This is the first visit';
} else {
echo '<br/>You have visited this page before:<br />- '.implode('<br/>- ', $_SESSION['visits']);
}
# Add the current visit to our 'history'
$_SESSION['visits'][] = date('Y-m-d H:i:s');
# Get the last visit on top
rsort($_SESSION['visits'])
# Make sure we store only a list of ten
$_SESSION['visits'] = array_slice($_SESSION['vis
?>
Can you run this test script? (Save an separate file, and run it a couple of times from your browser)
<?php
# Enable error reporting
error_reporting(E_ALL);
ini_set('display_errors', true);
# Start session
session_start();
# See if the 'history' array is available in the session
if(!isset($_SESSION['visit
echo '<br/>This is the first visit';
} else {
echo '<br/>You have visited this page before:<br />- '.implode('<br/>- ', $_SESSION['visits']);
}
# Add the current visit to our 'history'
$_SESSION['visits'][] = date('Y-m-d H:i:s');
# Get the last visit on top
rsort($_SESSION['visits'])
# Make sure we store only a list of ten
$_SESSION['visits'] = array_slice($_SESSION['vis
?>
ASKER
ok i ran it severl times and got this:
You have visited this page before:
- 2008-06-17 05:35:30
- 2008-06-17 05:35:22
- 2008-06-17 05:35:17
- 2008-06-17 05:35:09
- 2008-06-17 05:35:06
what's next?
You have visited this page before:
- 2008-06-17 05:35:30
- 2008-06-17 05:35:22
- 2008-06-17 05:35:17
- 2008-06-17 05:35:09
- 2008-06-17 05:35:06
what's next?
That indicates that you session is properly configured on your server and is actually working :-)
So the problem is programmatically.
As both pages have a session_id(), and have session_start() I don't understand where the session data is getting lost.
Have you moved the session_start() to your connection php?
So the problem is programmatically.
As both pages have a session_id(), and have session_start() I don't understand where the session data is getting lost.
Have you moved the session_start() to your connection php?
ASKER
session_start() is in connection.php
but anyway, I think it's working now!
thanks for your efforts
but anyway, I think it's working now!
thanks for your efforts
So the assumption is that somewhere along the line the session was not started?
I think I know what happened.
Can you add (for debug purposes) the following two lines to your connection php:
error_reporting(E_ALL);
ini_set('display_errors','
I think we missed an error saying "Session headers could not be sent. Output already started at {filename} on line {number}" before.
This is fixed by putting the session_start() to the top, before any output.
I think I know what happened.
Can you add (for debug purposes) the following two lines to your connection php:
error_reporting(E_ALL);
ini_set('display_errors','
I think we missed an error saying "Session headers could not be sent. Output already started at {filename} on line {number}" before.
This is fixed by putting the session_start() to the top, before any output.
ASKER
I suppose you're right!
I got this message:
Warning: Cannot modify header information - headers already sent by (output started at /home/adhd/public_html/con
what does this message tell us and how can we solve it?
I got this message:
Warning: Cannot modify header information - headers already sent by (output started at /home/adhd/public_html/con
what does this message tell us and how can we solve it?
Your php response consists of two parts: the header info and the content info. the content is the html you put out, and the header is things like cookies and stuff.
The session_start() tries to set a cookie, but when midst of your code it cannot add any header info when the content has already started.
When we moved the session_start() to the connection.php we made sure session_start() cookie was send out before any content. So you can remove the session_start() from the middle of the code.
What is on 1538? Is it the session_start, or another header command?
The session_start() tries to set a cookie, but when midst of your code it cannot add any header info when the content has already started.
When we moved the session_start() to the connection.php we made sure session_start() cookie was send out before any content. So you can remove the session_start() from the middle of the code.
What is on 1538? Is it the session_start, or another header command?
ASKER
thanks for the clarification.
this line is at 1538: <?php header('Content-type: text/html; charset=utf-8'); ?>
this line is at 1538: <?php header('Content-type: text/html; charset=utf-8'); ?>
Is that a general header that should be applied to all your pages? Then move it into connection.php as well.
ASKER
this statement is included inside header.php which is used in all pages on the site. (the top design on the page)
should I include the statement: <?php header('Content-type: text/html; charset=utf-8'); ?> inside connection.php?
should I include the statement: <?php header('Content-type: text/html; charset=utf-8'); ?> inside connection.php?
ASKER
thanks for your assistance Roonaan. I'm really sorry but my work day is finished.
I will be able to reply to you tomorrow around 9am in my time (around 7am in your time)
thanks for your help
take care
I will be able to reply to you tomorrow around 9am in my time (around 7am in your time)
thanks for your help
take care
ASKER
ok I'm back again
let's get back to my previous post:
this statement is included inside header.php which is used in all pages on the site. (the top design on the page)
should I include the statement: <?php header('Content-type: text/html; charset=utf-8'); ?> inside connection.php?
thanks
let's get back to my previous post:
this statement is included inside header.php which is used in all pages on the site. (the top design on the page)
should I include the statement: <?php header('Content-type: text/html; charset=utf-8'); ?> inside connection.php?
thanks
The problem is that there is some output on connection.php line 50. That prevents this header statement from working properly.
ASKER
there is no statement on line 50
the last statement in the file is on line 39 and it's the session_start();
I'm really confused
the last statement in the file is on line 39 and it's the session_start();
I'm really confused
Was this warning fixed then?
>Warning: Cannot modify header information - headers already sent by (output started at /home/adhd/public_html/con
>Warning: Cannot modify header information - headers already sent by (output started at /home/adhd/public_html/con
ASKER
you mean it was fixed when I included the statement: <?php header('Content-type: text/html; charset=utf-8'); ?> inside connection.php?
Moving to connection.php was a good move.
I wondered about the line 50, because you had an error earlier stating that output started at line 50 of connection.php, whilst now you say the file had only 39 lines. So that was confusing.
I wondered about the line 50, because you had an error earlier stating that output started at line 50 of connection.php, whilst now you say the file had only 39 lines. So that was confusing.
ASKER
ok let me test everything again
ASKER
ok this is what i did: I found out that the 50 is that last empty line in connection.php. So I removed the empty lines from the end of the file and the error was gone. I only got the following weird error (I don't know if it's relevant):
Notice: Undefined index: process in /home/adhd/public_html/per
btw line 81 in personalinfo.php contains just a curly bracket '{'
and the line number doesnt' change even if I increase/decrease new lines.
Notice: Undefined index: process in /home/adhd/public_html/per
btw line 81 in personalinfo.php contains just a curly bracket '{'
and the line number doesnt' change even if I increase/decrease new lines.
ASKER
if you wanna see the page go to : http://www.adhd.org.sa/personalinfo.php
What is the current php code?
(do we need to open another question? We've been posting in this one for days :) )
(do we need to open another question? We've been posting in this one for days :) )
ASKER
it's ok we're almost done :)
check out the error on page: http://www.adhd.org.sa/personalinfo.php (you will find it at the very top of the page and you need to highlight it to make it readable)
the php code for personalinfo.php is:
check out the error on page: http://www.adhd.org.sa/personalinfo.php (you will find it at the very top of the page and you need to highlight it to make it readable)
the php code for personalinfo.php is:
<?php
require_once('connection.php');
/**
* This function can be used to check the sanity of variables
*
* @access private
*
* @param string $type The type of variable can be bool, float, numeric, string, array, or object
* @param string $string The variable name you would like to check
* @param string $length The maximum length of the variable
*
* return bool
*/
function sanityCheck($string, $type, $maxlength, $minlength){
// assign the type
$type = 'is_'.$type;
$string = trim($string);
if(!$type($string))
{
return FALSE;
}
// now we see if there is anything in the string
elseif(empty($string))
{
return FALSE;
}
// then we check how long the string is
elseif(strlen($string) > $maxlength || strlen($string) < $minlength)
{
return FALSE;
}
else
{
return true;
}
}
/**
* This function if the $_POST vars are set
*
* @access private
*
* return bool
*/
function checkSet(){
return isset($_POST['FullName'], $_POST['HomePhone'], $_POST['CellPhone'], $_POST['Email'], $_POST['Occupation'], $_POST['WorkPlace'], $_POST['Sex'], $_POST['MaritalStatus']);
}
function checkNumber($num, $maxlength, $minlength){
$num = trim($num);
if($num > 0 && strlen($num) <= $maxlength && strlen($num)>= $minlength)
{
return ereg("^[0-9]{1,}-?[0-9]{1,}-?[0-9]{1,}-?[0-9]{1,}$", $num);
}
else
{
return false;
}
}
function checkEmail($email){
$regexp='/^[a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/';
return preg_match($regexp, trim($email));
}
if ($_POST['process'] == 1)
{
$FullName = $_POST['FullName'];
$HomePhone = $_POST['HomePhone'];
$WorkPhone = $_POST['WorkPhone'];
$CellPhone = $_POST['CellPhone'];
$POBox = $_POST['POBox'];
$Fax = $_POST['Fax'];
$Email = $_POST['Email'];
//store Email in session
$_SESSION['session_email'] = $Email;
$Sex = $_POST['Sex'];
$MaritalStatus = $_POST['MaritalStatus'];
$Occupation = $_POST['Occupation'];
$WorkPlace = $_POST['WorkPlace'];
if(checkSet())
{
if(sanityCheck($_POST['FullName'], 'string', 50, 11) )
{
if(checkNumber($_POST['HomePhone'], 16, 7))
{
if(checkNumber($_POST['CellPhone'], 17, 10))
{
if(checkEmail($_POST['Email']) != FALSE)
{
if(sanityCheck($_POST['Occupation'], 'string', 50, 3))
{
if(sanityCheck($_POST['WorkPlace'], 'string', 50, 3))
{
if(!checkNumber($_POST['WorkPhone'], 16, 7))
{
$WorkPhone = '';
}
if(!checkNumber($_POST['Fax'], 16, 7))
{
$Fax = '';
}
if(!checkNumber($_POST['POBox'], 5, 5))
{
$POBox = '';
}
$strSQL = "INSERT INTO VOLUNTEER Values ('" . $FullName . "','" . $HomePhone . "','" .$WorkPhone . "', '" . $CellPhone . "', '" .$Fax . "', '" .$POBox . "', '" . $Email . "', '" . $Sex . "', '" .$MaritalStatus . "', '" .$Occupation . "', '" .$WorkPlace . "')" ;
mysql_query("set names 'utf8'");
$strResult = mysql_query($strSQL) or
$ErrorMessage = '%FQC #/.D* 'D'3E #H 'D(1J/ 'D'DC*1HFJ D4.5 ".1 E3,QD D/JF'';
if($ErrorMessage != '%FQC #/.D* 'D'3E #H 'D(1J/ 'D'DC*1HFJ D4.5 ".1 E3,QD D/JF'')
{
session_write_close();
?>
<script language=javascript>
window.location.replace('traininginfo.php');
</script>
<?php
}
}
else
{
$ErrorMessage = '%F ,G) 'D9ED :J1 5-J-)';
}
}
else
{
$ErrorMessage = '%F 'DEGF) :J1 5-J-)';
}
}
else
{
// if all is not well we echo an error message
$ErrorMessage ='%F 'D(1J/ 'D'DC*1HFJ :J1 5-J-';
}
}
else
{
$ErrorMessage = '%F 1BE 'D,H'D :J1 5-J-';
}
}
else
{
$ErrorMessage = '%F 1BE 'DG'*A :J1 5-J-';
}
}
else
{
$ErrorMessage = "%F '3EC 'D+D'+J :J1 5-J-";
}
}
else
{
$ErrorMessage = "A6D'K 'ED# ,EJ9 'D-BHD 'D61H1J)";
}
}
?>
<?php require_once('header.php'); ?>
<!-- cell part of outer table -->
<td dir="rtl" valign="top">
<!-- beginning of table containing all body contents -->
<table align="center" cellpadding="10" name="BodyTable">
<tr>
<td valign="top">
<!-- beginning of links table -->
<table cellpadding="5" align="right" name = "LinksTable">
<tr width="100px">
<td align="right">
<a href="personalinfo.php" style="color: #D75A27">E9DHE'* 4.5J)</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="traininginfo.php" style="color: #E2E2E2">'D/H1'* HH14 'D9ED</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="languages.php" style="color: #E2E2E2">D:'*</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="preferredwork.php" style="color: #E2E2E2">'D#9E'D 'D*7H9J) 'DEA6D)</a>
</td>
</tr>
<tr width="100px">
<td align="right">
<a href="skills.php" style="color: #E2E2E2">EG'1'*</a>
</td>
</tr>
<!-- end of links table -->
</table>
<!-- end of first cell inside BodyTable -->
</td>
<!-- beginning of second cell inside BodyTable -->
<td>
<?php
if($ErrorMessage != "")
{ echo '<p style="color: #D75A27; text-align: center; font-weight:bold; font-size: 12pt">' . htmlspecialchars($ErrorMessage) . '</p>'; } ?>
<form name="thisForm" id="thisForm" accept-charset="utf-8"; method="post"; action="<?php echo $PHP_SELF; ?>" ; enctype="multipart/form-data: charset=utf-8 " >
<FIELDSET style="width:300">
<LEGEND style="color:"><b>E9DHE'* 4.5J)</b></LEGEND>
<!-- beginning of FormTable -->
<table align="right" cellspacing="15px" class="form" name="FormTable">
<tr>
<td align="right" style="width:100"><b>
'D'3E 'D+D'+J</b>
</td>
<td>
<input type="text" name="FullName" value="<? print $FullName; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
G'*A 'DEF2D
</b>
</td>
<td>
<input type="text" name="HomePhone" value="<?print $HomePhone; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
G'*A 'D9ED
</b>
</td>
<td >
<input type="text" name="WorkPhone" value="<?print $WorkPhone; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
'D,H'D
</b>
</td>
<td>
<input type="text" name="CellPhone" value="<?print $CellPhone; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td ><b>
'DA'C3
</b>
</td>
<td>
<input type="text" name="Fax" value="<?print $Fax; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
5.(
</b>
</td>
<td>
<input type="text" name="POBox" value="<?print $POBox; ?>" />
</td>
</tr>
<tr align="right">
<td><b>
'D(1J/ 'D'DC*1HFJ
</b>
</td>
<td>
<input type="text" name="Email" value="<?print $Email; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td>
'D,F3
</td>
<td>
<input type="radio" name="Sex" <?php if($Sex == "f"){echo " CHECKED";}?> value="f" /> #F+I
<input type="radio" name="Sex" <?php if($Sex == "m"){echo " CHECKED";}?> value="m" /> 0C1
</td>
</tr>
<tr align="right">
<td>
'D-'D) 'D',*E'9J)
</td>
<td>
<input type="radio" name="MaritalStatus" <?php if($MaritalStatus == "E*2H,"){echo " CHECKED";}?> value="E*2H," /> E*2H,
<input type="radio" name="MaritalStatus" <?php if($MaritalStatus == "#92("){echo " CHECKED";}?> value="#92(" /> #92(
</td>
</tr>
<tr align="right">
<td style="width:100"><b>
'DEGF)
</b>
</td>
<td>
<input type="text" name="Occupation" value="<?print $Occupation; ?>"/> <span style="color:red">*</span>
</td>
</tr>
<tr align="right">
<td><b>
,G) 'D9ED
</b>
</td>
<td>
<input type="text" name="WorkPlace" value="<?print $WorkPlace; ?>" /> <span style="color:red">*</span>
</td>
</tr>
<!-- end of FormTable-->
</table>
</FIELDSET>
<br>
<input type="hidden" name="process" value="1">
<input type="submit" name="Continue" size="10" value="'D*'DJ >>" />
<!-- end of second cell inside BodyTable -->
</td>
</tr>
<!-- end of table containing all body contents -->
</table>
<!-- end of mid cell in outer table -->
</td>
</form>
<td width="155" bgcolor="#296566" valign="top"><img src="images/swirl.jpg" /></td>
</tr>
<?php require_once('footer.php'); ?>
Try changing:
if ($_POST['process'] == 1)
Into
if($_SERVER['REQUEST_METHO
if ($_POST['process'] == 1)
Into
if($_SERVER['REQUEST_METHO
ASKER
OK! it's gone!
thanks for your assistance and I really appreciate your patience and concern (even though I had already marked one of your posts as an answer)
I really appreciate your hard work and commitment to solve my question.
thanks again
thanks for your assistance and I really appreciate your patience and concern (even though I had already marked one of your posts as an answer)
I really appreciate your hard work and commitment to solve my question.
thanks again