[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1453
  • Last Modified:

Forwarding POST data to another php script

Hi,

I have an image gallery, and since it has user submitted content, I wanted my users to be shown a warning about that, and if they agree, forward them on. Something like this:

my_gallery.php
<?php
    // checking mysql table
    if (userHasNotAgreedToEULA) {
        // If they hit yes, forward them to acceptance script along with all POST data.
        echo "There might be bad stuff here, do you want to continue?:";
        echo "<a href = 'https://mysite.com/agree_to_eula.php'>Sure</a>;
        return;
    }
 
    // They already agreed, show them pictures.
    echo "<img src = 'happy_face.jpg";
}

// agree_to_eula
<?php
   
    // I need the POST data from the previous script here.
    mysql_query("update users set agreed = 1 where user_id = '" . $userid . "'");

    // Now forward them back to the original page, along with all the POST data.
    redirectTo("my_gallery.php");
?>

So I'm not sure how to "forward" the POST data to another one of my scripts, and I also don't know how to do an automatic redirect to another page (like at the bottom of the second script example). The POST data has a lot of info in it.

Thanks
0
DJ_AM_Juicebox
Asked:
DJ_AM_Juicebox
  • 5
  • 4
  • 2
  • +1
1 Solution
 
RobinSoftware EngineerCommented:
Have a look at http://mrarrowhead.com/php_tutorials_mah/php_passing_variables.php

Probably the best way is to store the POST data in your session variable $_SESSION.

Redirecting to another page in php is like:

header("Location: otherpage.php");
0
 
Ray PaseurCommented:
To foward the post data, do these things:

In the top of EVERY script start the session
Serialize the POST array
Put it into the SESSION array

In scripts that need the forwarded data
Take POST from the SESSION
Unserialize POST

After the header("Location: ..."); statement, ALWAYS put die(); or exit;

HTH, ~Ray
<?php // ON TH SENDING PAGE
// SESSIONS ON EVERY PAGE
session_start();
$_SESSION["post"] = serialize($_POST);
 
 
 
// ON THE RECEIVING PAGE
session_start();
$foreign_POST = unserialize($_SESSION["post"]);
 
 
// TO REDIRECT TO A LOCAL PAGE
header("Location: my_gallery.php");
exit;
 
 
// TO REDIRECT TO A PAGE RELATIVE TO THE WWW ROOT
header("Location: /my_gallery.php");
exit;

Open in new window

0
 
Michael701Commented:
Ray, That's a cool solution. I was thinking to repost the data with CURL
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Ray PaseurCommented:
@Michael701: Thanks.  It will work with anything but the largest data sets.  However I prefer to just put the data into the data base and let the next page get the data out of the data base.  Passing it along in $_SESSION risks the situation that a client will be halfway through his work and the doorbell will ring... And while he is away, the session will time out.  

best to all, ~Ray
0
 
DJ_AM_JuiceboxAuthor Commented:
Ok I need to read up on the session stuff.

Here's my most pressing problem with this right now - at the moment, I have users going to a gateway page, and the client application sends in the POST data their unique user ID, and some other small info. This is working fine.

The release date for the client software is close, and I won't have time to build out all the web side of this project before the release.

As long as that initial page is getting all that POST data, I should in theory be able to pass it between as many pages as I need to right?

I will probably want (from the gateway page) to send users to a page where they'd enter credit card information via paypal, and stuff like that. So the POST data should be able to survive through all those page transitions?

Anything I should know about now, any limitations? My ultimate goal would be to release the client software as-is, and be able to build out the web side without any client upgrades necessary,

Thanks
0
 
Ray PaseurCommented:
Your safest approach is to put the data into the data base.  

Put a page-initialization script at the top of every page (In my scripts, my first statement is "require_once('config.php');" ) and have it retrieve the data from the data base.  Carry the client-id in the session array.  That way if you lose the session array, you just have to ask for another login.  If you have all the POST data in session, and you lose the session, well, ... Bummer!
0
 
DJ_AM_JuiceboxAuthor Commented:
Ok, sorry for my ignorance, last question -

So this page has to take POST data from the user, but how do I reconcile the fact that it might also be taking data from a previous session? For example, my page is just an image gallery, and I need to re-show the page, just with a different set of images - so does it take the data out of $_POST or does it take it from the $_SESSION? Do I just check to see which exists?:



// gallery.php
<?php
   session_start();
   
   $userid = "";
   $username = "";
   if (isset($_SESSION["post"])) {
       $foreign_POST = unserialize($_SESSION["post"]);
       $userid   = $foreign_POST["userid"];
       $username = $foreign_POST["username"];
   }
   else {
       // Normal POST processing routine.
       $userid   = $_POST["userid"];
       $username = $_POST["username"];
   }
   
   // Now I can do the rest of the script stuff, whether
   // the data came from the user for the first time, or
   // if this is just a 'reload'.
   <a href="gallery.php">Next Images</a>
?>

Open in new window

0
 
Ray PaseurCommented:
I think that is a business logic question I can't answer.  A general strategy might be to take everything from $_SESSION and then overwrite with whatever was in $_POST.  But it would be up to you as the app designer to choose the order of precedence.

Best, ~Ray
0
 
DJ_AM_JuiceboxAuthor Commented:
Ok I think that's what I want to do:

if ($_SESSION has serialized post data already) {
    use it.
}
else {
    it should be in $_POST, otherwise fail loading the page
}

And this is what I cobbled together, it seems to work. I'm not sure if I'm using PHP correctly to alias the POSTDATA variable (I just want it to be like a pointer in C/C++, not do a whole copy):
<?php 
    start_session();
 
    $POSTDATA = ""; // points to the right array to use.
    if (isset($_SESSION["post"])) {
        // Use data serialized from a previous load.
        $POSTDATA = unserialize($_SESSION['post']);
    }
    else {
        // Use data from a first-time post.
        $_SESSION['post'] = serialize($_POST);
        $POSTDATA = $_POST;
    }
 
    // Normal page processing....
    $user_name  = $POSTDATA['user_name'];
    $user_color = $POSTDATA['user_color'];
    // etc...
    
?>

Open in new window

0
 
Ray PaseurCommented:
Yes, that looks OK.  One minor change at line 2
<?php 
    session_start();
 
    $POSTDATA = ""; // points to the right array to use.
    if (isset($_SESSION["post"])) {
        // Use data serialized from a previous load.
        $POSTDATA = unserialize($_SESSION['post']);
    }
    else {
        // Use data from a first-time post.
        $_SESSION['post'] = serialize($_POST);
        $POSTDATA = $_POST;
    }
 
    // Normal page processing....
    $user_name  = $POSTDATA['user_name'];
    $user_color = $POSTDATA['user_color'];
    // etc...
    
?>

Open in new window

0
 
DJ_AM_JuiceboxAuthor Commented:
Thanks a lot it's working well. Got some new questions in a new Q.
0
 
Michael701Commented:
Ok, please accept an answer here, and if you'd like, post links to your new questions.
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now