Unique php page

Discussion in 'Scripts, 3rd Party Apps, and Programming' started by bunglebrown, Oct 1, 2008.

  1. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    No problem.. simple.

    When you've created your random $memid on the 2nd page, just below it, put

    PHP:
      $_SESSION['memid'] = $memid;
    This session variable is now set for every page the browser visits until he closes the browser. In other words, you no longer have to send it in the URL so the links you are using from page 2 to 3 can be set to the standard lin without the ?memid=<?php echo etc. etc.

    On the 3rd and fourth page, instead of using

    PHP:
    $_GET['memid']
    use

    PHP:
    $_SESSION['memid']
    Both will pull the variable from session memory.
    Edit:
    Just remembered..

    You need to make sure you have the session started.

    Just put

    PHP:
    session_start();
    at the very top of the page.
     
    Last edited: Oct 20, 2008
  2. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    This is great - I didn't get it to work on the next pages' URL but at least I know that you know what you're talking about it... and it was inserted into the database so pleased there. A little fiddling and it will be fine I'm sure in the URLS. I put this into the form action - literally replacing the $_GET['memid'] as you suggested.

    Code:
    action="http://www.mywebsite.php?memid=<?php echo $_SESSION['memid'];?>"
    Also I put this at the top of the page as you instructed.

    PHP:
    <?php 
    session_start
    ();  
    ?>
    not forgetting the:

    PHP:
    <?php
     
    // Usage
     
    $randomwhatever createRandomString();
     
    $memid createRandomString();
     
    $boguscharacterstring createRandomString();
     
    $_SESSION['memid'] = $memid;
    ?>
    on the page that created the random $memid on the 2nd page as you said

    Is this right? . . just not getting the code in the URL... thanks like never before
     
  3. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    You don't need this now, provided you've assigned the memid to session.

    This will now just be

    Code:
    action="http://www.mywebsite.php"
    Sort of...
    If its only the $memid you need to generate, you can delete the $randomwhatever line and the $boguscharacterstring line.

    You won't do. The $memid variable is saved to session memory and is not passed by URL anymore. You can still call it nonetheless.
     
    Last edited: Oct 20, 2008
  4. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    thanks

    so how do I call the $memid in the URL in each step process as it's only http://www.mywebsite.php currently?
     
  5. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    You don't call it from the URL any more.

    To clarify the difference between the two methods:

    1) URL's: The variable (i.e. $memid) is sent from page 1 to page 2 by putting the variable into the URL (extension at the end of the URL .php?memid=<?php echo $memid;?>) This value then has to be extracted from the URL in page 2 by using the $_GET function. If you wanted to go to a third or fourth page, you would have to re-create the whole process for each page.

    2) Sessions: The variable (i.e. $memid) is saved to session memory on page 1. On page 2, you simply call that value from memory, rather than from the URL. Similarly, you can call this value from session memory on any page (page 47 if you wanted). The value will still be there provided the session continues.

    So for example, if previously you were using the $_GET['memid'] method to call your variable values from the URL, you now use $_SESSION['memid'] which provides exactly the same value, only it doesn't need anything in the URL to extract from.

    Am I getting any clearer?
     
  6. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    so are you telling me that it isn't seen in the URL? Because I replaced the $_GET['memid'] with $_SESSION['memid'] as you can see in my previous post and it didn't show up in the next pages' URL as I wish.
     
  7. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    Correct!
     
  8. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    so anyone can access these pages - I thought the point of unique URLS was so that they could not be accessed unless previous stages had been completed. Can we do this?
     
  9. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    You're missing the point.

    A "Session" is unique to the visitor even though you can't see it.

    When the previous stage has been completed by an individual and the random character string is saved to session memory, no-one else can access it.

    In other words, when the $memid is created, it remains unique to that person.

    When I said "in memory", I didn't mean memory for anyone to access!

    Login scripts commonly use session variables to control user authentication.
     
  10. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    no - I do get it, but if for example I have an upload section where users can upload images then anyone can access that page by simply entering the URL into the address bar and upload to my server. That's what I mean - I want to make it only accessible if they complete previous stages in the process. Do you know what I mean? Maybe I need to do something different for this. Thanks..
     
  11. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    Now I'm with you!!!

    I still think you should use sessions as this will allow you to use as many "steps" as you want.

    However, when preparing the final link to the page, you need to extract the $memid from session memory and insert this as part of the URL that you are saving.

    e.g.

    PHP:
    <?php
    $memid 
    $_SESSION['memid']; //extract the value from session
    $urllink "http://yoursite/uploadedimages/".$memid.".php"// this adds the basic URL with the unique id.
    echo $urllink//this will show what the final link is.
    ?>
    You then use the $urllink to insert to db.
     
  12. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    Will that code that you put last post put it into the url? 'cos it doesn't work when I try. If not, how do I?

    I'm going to keep the db as it was - with just the $memid code. I hope this won't make a difference.

    thanks & regards
     
  13. xav0989

    xav0989 Community Public Relation Community Support

    Messages:
    4,467
    Likes Received:
    95
    Trophy Points:
    0
    For my guess, I'd say that the best way to get around this problem is to read a couple of global php tutorials, and some registration/session php tutorial, and modify them.
     
  14. cursedpsp

    cursedpsp New Member

    Messages:
    237
    Likes Received:
    0
    Trophy Points:
    0
    what you would want to do is use a while statement, a text file and some writing.
     
  15. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0


    Well it depends on how you are using this character string.

    Could you explain the whole process in detail and I can try to help from there.

    i.e. - page 1 and what it does.

    page 2

    etc...

    You say that you're using the $memid random string to form a URL link but how is this being done?

    In order for this to be done, you need to show content based on the variable in the URL.

    If this is the case, the code should have been.

    PHP:
    <?php
    $memid 
    $_SESSION['memid']; //extract the value from session
    $urllink "http://yoursite/linkpage.php?memid=".$memid // this produces the URL to a page with the unique id embedded.
    echo $urllink//this will show what the final link is but doesn't do anything else.
    ?> 



     
  16. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    Page 1 - user enters personal details = working

    Page 2 - random $memid is created and sent to users address (inputted on page 1) and $memid is saved to db. $_SESSION is also created = all working

    Page 3 - user accesses the page through the automated email and can there select some checkboxes which I wish to be saved to the same db table as the info entered on page 1 = not currently working

    Page 4 - user uploads an image to the server = not working


    If this is the case, the code should have been.
    FreeCRM - your post of 10-23-08 led me to believe that I could have the $memid in the url as I did with the $_GET beforehand, however with more than just the following page (as with the $_SESSION). I therefore tried to use this code in doing so.

    As you know I'm trying to limit access to these unique pages so that users must complete the process step by step to reach them. Am I right in thinking that the $_SESSION does that? But I am using the $_SESSION and it doesn't input into the database so I have kept that as $memid. Also as yet I have been able to access all of the pages by simply putting the URL in the address bar which means that they are not unique. I have followed the steps you have guided me through and now think you understand what I want and what I have but if not I can explain more. Thanks for the help_
     
  17. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    OK

    Check list:

    1) On page 2, is the $memid structured as part of the URL link back to page 3? In other words, when you view Page 3 from the e-mailed link, does the address bar include something like

    Code:
    http://www.yoursite.com/page3.php?memid=drRE3-iisd
    2) On page 3, you need to create a recordset based on the $memid in the URL so that you are accessing the same record that was created originally. This recordset should also contain the unique ID.

    [SQL] SELECT * FROM TABLE WHERE MEMBERSHIPID LIKE $_SESSION['memid']
    [/SQL]

    (Not sure if you can put session variables directly into SQL statements - if not, you'll have to allocate the memid as a normal variable first before putting it in to the SQL.)

    Put the unique id from that recordset in your form (hidden field). The default value for this field would be something like

    PHP:
    <?php echo $row_recordset['uniqueid']; ?>
    The sql statement to save the checkbox options is just an update, not an insert.

    The Update will find the unique id placed in the hidden field and update that record accordingly.

    I suggest you get this step working correctly first.

    3) uploading images is not my speciality and I recommend you set up a new thread for this.
     
  18. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    No - it doesn't

    This is my attempt:

    PHP:
    $query_rsdef2 sprintf("SELECT search_memid, ad_application FROM `bungle_MFPOI` WHERE search_memid = %s"GetSQLValueString($colname_rsdef2"text"));
    $query_limit_rsdef2 sprintf("%s LIMIT %d, %d"$query_rsdef2$startRow_rsdef2$maxRows_rsdef2);
    $rsdef2 mysql_query($query_limit_rsdef2$ad_application) or die(mysql_error());
    $row_rsdef2 mysql_fetch_assoc($rsdef2);
    It's returning this though:

    PHP:
    $rsdef2 mysql_query($query_limit_rsdef2$ad_application) or die(mysql_error());
    Then I put this into the form action:

    Code:
    action="http://www.webvertising4free.com/MFPOI/indexMFPOI1applynowS2brecovery.php?memid=<?php echo $row_recordset['memid']; ?>"
    I must confess to not knowing why I need a unique ID when I have the $memid. Thanks for all/
     
  19. freecrm

    freecrm New Member

    Messages:
    629
    Likes Received:
    0
    Trophy Points:
    0
    The I suggest you refer to my post 2.10 which details how to do this in the e-mail link.

    Any resultant Recordset won't work unless this variable is passed on because it doesn't have anything to look for.

    I would suggest that you temporarily echo the $memid on page 3 to make sure it is pulling through.

    PHP:
    <?php echo $_GET['memid'];?>
    The unique id is critical.

    Althought the chances of getting a repeat $memid are extremely small, there is a very small chance, whereas a unique id will not repeat.

    Alternatively, you can set the DB structure so that the search_memid field is unique (rather than having a seperate field). This however may present some problems on page 2, so I suggest you create a seperate uniqueid field (int(10) autoincrement) and use that as the identifier.

    I hear you ask "why not just use the uniqueid instead of the randomly created $memid?"

    Well, it would be veru easy to guess the uniqueid as they run consequetively 0,1,2,3 etc. so if you use this in your URL, anyone could easy access it.
     
  20. bunglebrown

    bunglebrown New Member

    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    0
    sorry - misunderstood - this is working yes. I also realised that as you suggested page 3 does contain the $memid using $SESSION as long as the user doesn't close the browser window or press 'back', etc.

    So I have the db set up with unique id and memid as you directed as well as the other columns. I might be going around in circles here but how do you suggest that I insert user data inserted on page 3 into the same table as page 2 so that all the info for the same user is in the same table row?

    Also currently I can still enter http://www.yoursite.com/page3.php and access the page without the need for a code - I need to make it unaccessible to those who don't follow the process and am still unsure how to do this.

    _many thanks

    just noticed the last part of this sentence:

    So how exactly could I use it as the identifier?
     
    Last edited: Nov 1, 2008

Share This Page