Php Sessions And Post Variables Issues

sonesay

Dec 21 2007, 04:26 AM

You can test it out for yourself at http://sonesay.trap17.com/application.php

I've been working on this page locally and it seems to be working fine but when I upload it to my trap17 account the post variables dont get saved properly. Fill in some fields and submit it, the form will come up as a empty field yet when you resubmit it without any modifications and the data you entered in orginally will now magically appear, resubmit it again and it will be gone.

This is really annoying as I have no clue why it would be doing this when it seems to work fine locally.

application.php

CODE

<?php
/*

Application page
===================
uses _core.php
uses includes/application_content.php for content


*/
session_start();
include('db.php');



// page settings
$title = 'Application';
$location = 'application.php';
$lu_title = 'Login';
$ru_title = 'News';
$lp_title = 'Navigation';
$cp_title = $title;
$rp_title = 'Events';

$content = 'includes/application_content.php';


include('_core.php');

?>

_core.php

CODE

<?php


// output page

echo "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />
&lt;script type='text/javascript' src='ext-1.1.1/adapter/yui/yui-utilities.js'></script>
&lt;script type='text/javascript' src='ext-1.1.1/adapter/yui/ext-yui-adapter.js'></script>
&lt;script type='text/javascript' src='ext-1.1.1/ext-all-debug.js'></script>

&lt;script type='text/javascript' src='jquery-1.2.1.min.js'></script>            
&lt;script type='text/javascript' src='date.js'></script>
<!--[if IE]>&lt;script type='text/javascript' src='jquery.bgiframe.min.js'></script><![endif]-->
&lt;script type='text/javascript' src='jquery.datePicker.js'></script>

<link href='nexus_main.css' rel='stylesheet' type='text/css' />
<link rel='stylesheet' type='text/css' media='screen' href='datePicker.css'>
<link rel='stylesheet' type='text/css' media='screen' href='demo.css'>

<title>$title</title>
</head>


<body>


	<div id='upper_bg'>
    </div>
     <div id='outer'>
    <!-- main container -->
    
    
        <div id='header'>
        	<div id='upper_left_pan'>
            	<div id='upper_left_title'>$lu_title</div>
       			<div id='upper_left_content'>
                	<div id='login_section'>
                        <p>
                        Not logged in, Please login below <br />
                            Username: <input type='text' /><br />
                            Password: <input type='password' /><br />
                            <button disabled='disabled'>Login</button>
                        </p>
                    </div>
                </div>
            </div>
            <div id='header_right_pan'>
            	<div id='upper_right_title'>$ru_title</div>
            	<div id='upper_right_content'><p>No news to display</p></div>
       		</div>
        
        </div>
        
        
        <!-- content container -->
        
        
        <div id='content'>
            <div id='left_pan'>
     			
               		<div class='side_panel_top'>
                    	<div class='side_panel_title'>$lp_title</div>
                    </div>
                        <div class='side_panel_middle'>
                           

";


// include navigation
include('includes/nav_list.php');


echo "

                                          
                        </div>
                    <div class='side_panel_bottom'>
                    </div>
                    
                    
                
            </div>
            <div id='right_pan'>
        		<div class='side_panel_top'>
                    	<div class='side_panel_title'>$rp_title</div>
                    </div>
                        <div class='side_panel_middle'>
                            <div class='side_panel_right_content'>
                               <p>
                               No Current events to display.
                               </p>
                            </div>
                        </div>
                    <div class='side_panel_bottom'>
                    </div>
            </div>
        	<div id='middle_pan'>
            	<div class='center_panel_top'>
                	<div class='center_panel_title'>$cp_title</div>
                </div>
                
                <div class='center_panel_middle'>
                	<div class='center_panel_content'>";
                    
  // Content includes
  if($content != '') {
  	include($content);
  }                    
     
	 
	                  
					  
echo"					  
					  
					  </div>
                </div>
                
                <div class='center_panel_bottom'>
                </div>
                
            </div>

        
        
        </div>
        
        
        
    <!-- main container end -->
	</div>
	
</body>
</html>";
// end page

?>

application_content.php

CODE

<?php
/*
Description
------------
File contains an application form for users to register, Is used by application.php



Contents
----------
1. Functions

2. Application Form
 // Part 1
 2.1 Display Empty form
 2.2 Check and Dsiplay form with any ERRORS if any
 	2.2.1 display form with errors
	2.2.2 display from with no errors, user has to confirm info then moved to Part 2
 // Part 2
 2.3 display details from part 1 (just for display pruposes making sure details are stored.)

*/
$s = $_SESSION;
include('includes/class/userClass.php');



// 1. FUNCTIONS

function ck_app_username($uname) {

	global $link;
	
	// check if user already exisit
	$user_ck_query = "SELECT u_name FROM user WHERE u_name ='" . $uname . "'";
	$user_ck_result = mysql_query($user_ck_query, $link);

	$ck_result = "Default";
	$pattern = "/[!|@|#|$|%|^|&|*|(|)|_|\-|=|+|\||,|.|\/|;|:|\'|\"|\[|\]|\{|\}]/i";
	
	// check for input
	if($uname == '') {
		$ck_result = "<span class='error_header'>Required!</span>";
		$app_errors['username'] = true;
	}
	else if (preg_match($pattern, $uname)) {
		$ck_result = "<span class='error_header'>illegal characters</span>";
		$app_errors['username'] = true;
	}
	else if (preg_match("/[0-9]/", $uname)) {
		$ck_result = "<span class='error_header'>No numbers in username!</span>";
		$app_errors['username'] = true;
	}
	else if (strlen($uname) < 3) {
		$ck_result = "<span class='error_header'>3 Characters minimun!</span>";
		$app_errors['username'] = true;
	}
	else if (mysql_num_rows($user_ck_result) > 0) {
		$ck_result = "<span class='error_header'>User Exist!</span>";
		$app_errors['username'] = true;
	}
	else {
		$ck_result = "<span class='ok_header'>Available</span>";
		unset($app_errors['username']);
	}

	return $ck_result;
}


function ck_app_password($pwd,$cpwd) {
// version 1.0	
	$app_password_result = "default";
	
	// check password
	if($pwd == '' || $cpwd == '') {
		$app_password_result = "<span class='error_header'>Enter password and confirm!</span>";
		$app_errors['password'] = true;
	}
	// user submitted something
	else if ($pwd != $cpwd) {
		$app_password_result = "<span class='error_header'>Passwords do not match!</span>";
		$app_errors['password'] = true;
	}
	// check for minimun chars for password 6
	else if (strlen($pwd) < 6) {
		$app_password_result = "<span class='error_header'>Passwords must be 6 characters or more!</span>";
		$app_errors['password'] = true;
	}
	// all checks done password ok
	else {
		$app_password_result = "<span class='ok_header'>OK!</span>";
		unset($app_errors['password']);
	}
	
	// return result
	return $app_password_result;
}


function ck_name($name) {
	$ck_name_result = 'Default';
	$regex = "/[^a-zA-Z]/";
	
	
	if($name == '') {
		$ck_name_result = "<span class='error_header'>Required!</span>";	
		$app_errors['name'] = true;
		
	}	
	else if(preg_match($regex,$name)) {
		$ck_name_result = "<span class='error_header'>Error. a-z A-Z only!</span>";
		$app_errors['name'] = true;
	}
	else {
		
		$ck_name_result = "<span class='ok_header'>OK</span>";
		unset($app_errors['name']);
	}
	return $ck_name_result;
}



function ck_email ($mail) {
	//default
	$ck_email_result = "Default";	
	//pattern
	$regex = '/\A(?:[a-z0-9!#$%&\'*+\/=?^_`{|}~-]+'
	.'(?:\.[a-z0-9!#$%&\'*+\/=?^_`{|}~-]+)*@'
	.'(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(?:[a-z]{2}|'
	.'com|org|net|gov|biz|info|name|aero|biz|info|jobs|'
	.'museum)\b)\Z/i';

	if ($mail == '') {
		$ck_email_result = "<span class='error_header'>Email Required!</span>";	
		$app_errors['email'] = true;
	}
	else if (preg_match($regex, $mail)) {
		$ck_email_result = "<span class='ok_header'>OK!</span>";
		$app_errors['email'] = true;
	}
	else {
		$ck_email_result = "<span class='error_header'>Invalid Emai!</span>";
		unset($app_errors['email']);	
	}
	
	return $ck_email_result;
} 

// END FUNCTIONS =======



// 2. APPLICATION FORM ================================================================================
============ 


// 2.1 DISPLAY EMPTY FORM
if(count($p) == 0) {
echo "	
	<h1>Personal Details - Part 1 of 5</h1>
	<p>
	Fill in all the fields below. Make sure you have read and understood the <a href='rules.php'>rules</a> before posting an application to join the Linkshell(s).
	</p>
	
	<form name=\"app_form\" method=\"post\" action=\"application.php\">
		<input type=\"hidden\" name=\"app_stage\" value=\"1\" />
		
		
		<ul class=\"app_details\">
			<li class=\"col1\">Desired Username</li>
			<li><input type=\"text\" name=\"app_username\" /></li>
		</ul>
		<ul class=\"app_details\">
			<li class=\"col1\">Password</li>
			<li><input type=\"password\" name=\"app_password\" /></li>
		</ul>
		<ul class=\"app_details\">
			<li class=\"col1\">Comfirm Password</li>
			<li><input type=\"password\" name=\"app_cpassword\" /></li>
		</ul>
		
		<ul class=\"app_details\">
			<li class=\"col1\">First Name</li>
			<li><input type=\"text\" name=\"app_fname\" /></li>
		</ul>
		<ul class=\"app_details\">
			<li class=\"col1\">Last Name</li>
			<li> <input type=\"text\" name=\"app_lname\" /></li>
		</ul>  
		
		
		&lt;script language='javascript' type='text/javascript'>
				$(function()
				{
					$('.date-pick').datePicker({startDate:'01/01/1950'});
				});
			</script>
			
		<ul class=\"app_details\">
			<li class=\"col1\">DOB</li>
			<li><input type=\"text\" size=\"10\" name=\"app_dob\" class='date-pick' value='' readonly='readonly' /></li>
		</ul>  
		
		<ul class=\"app_details\">
			<li class=\"col1\">Gender</li>
			<li> <select name=\"app_gender\" />
					<option value=\"m\">Male</option>
					<option value=\"f\">female</option>        	
				</select>
			</li>
		</ul> 
		
		<ul class=\"app_details\">
			<li class=\"col1\">Email</li>
			<li> <input type=\"text\" name=\"app_email\" /> $email_result</li>
		</ul> 
		
		<ul class=\"app_details\">
			<li class=\"col1\"></li>
			<li><button>Submit</button></li>
		</ul> 
	</form>	
";
}


// 2.2 Display form with any errors  ============================================

else if((count($p) > 0) && ($p['app_stage'] < 2 )){
	
	$app_username = strtolower($p['app_username']);
	$_SESSION['app_username'] = htmlspecialchars($app_username);
	$_SESSION['app_password'] = $p['app_password'];
	$_SESSION['app_cpassword'] = $p['app_cpassword'];
	$_SESSION['app_fname'] = $p['app_fname'];
	$_SESSION['app_lname'] = $p['app_lname'];
	$_SESSION['app_gender'] = $p['app_gender'];
	$_SESSION['app_dob'] = $p['app_dob'];
	$_SESSION['app_email'] = $p['app_email'];
	
	if ($p['app_stage'] == 1) {
		// check results 
		if(!isset($s['app_errors'])) {
			$s['app_errors'] = array();
		}
		$app_errors = $s['app_errors'];	
		//username
		$username_result = ck_app_username($s['app_username']);
		if($username_result == "<span class='ok_header'>Available</span>") {
			unset($app_errors['username']);
		}
		else{
			$app_errors['username'] = true;
		}
		//password
		$password_result = ck_app_password($s['app_password'],$s['app_cpassword']);
		if($password_result == "<span class='ok_header'>OK!</span>") {
			unset($app_errors['password']);
		}
		else{
			$app_errors['password'] = true;
		}
		// names
		$fname_result = ck_name($s['app_fname']);
		$lname_result = ck_name($s['app_lname']);
		//email
		$email_result = ck_email($s['app_email']);
		if($email_result == "<span class='ok_header'>OK!</span>") {
			unset($app_errors['email']);
		}
		else{
			$app_errors['email'] = true;
		}
				
	
	
		// 2.2.1 Display application with ERRORS  ==========================================
		if(count($app_errors) > 0) {
	
			echo "
			
			<h1>Personal Details - Part 1 of 5</h1>
			
			<p>
			There are <span class='error_header'>errors</span>  please correct and resubmit. 
		</p>
			
			
			<form name=\"app_form\" method=\"post\"  action=\"application.php\">
				<input type=\"hidden\" name=\"app_stage\" value=\"1\" />
				
				
				<ul class=\"app_details\">
					<li class=\"col1\">Desired Username</li>
					<li><input type=\"text\" name=\"app_username\" value=\"{$s['app_username']}\" /> $username_result</li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Password</li>
					<li><input type=\"password\" name=\"app_password\" value=\"{$s['app_password']}\" /></li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Comfirm Password</li>
					<li><input type=\"password\" name=\"app_cpassword\" value=\"{$s['app_cpassword']}\" /> $password_result</li>
				</ul>
				
				<ul class=\"app_details\">
					<li class=\"col1\">First Name</li>
					<li><input type=\"text\" name=\"app_fname\" value=\"{$s['app_fname']}\" /> $fname_result</li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Last Name</li>
					<li> <input type=\"text\" name=\"app_lname\" value=\"{$s['app_lname']}\" /> $lname_result</li>
				</ul>  
				
				
				
				&lt;script language='javascript' type='text/javascript'>
						$(function()
						{
							$('.date-pick').datePicker({startDate:'01/01/1950'});
						});
					</script>
				
				
				
				<ul class=\"app_details\">
					<li class=\"col1\">DOB</li>
					<li><input type=\"text\" size=\"10\" name=\"app_dob\"  value=\"{$s['app_dob']}\" class='date-pick' readonly='readonly' />
					</li>
				</ul>  
				
				<ul class=\"app_details\">
					<li class=\"col1\">Gender</li>
					<li> <select name=\"app_gender\" />
							";
							// check if gender selected 
							if($p['app_gender'] == 'f') {
								echo "<option value=\"f\">female</option> 
									<option value=\"m\">Male</option>								
								";
							}
							else {
								echo "<option value=\"m\">Male</option>
									<option value=\"f\">female</option> 
								";
							}
							
							
							
				echo "       	
						</select>
					</li>
				</ul> 
				
				<ul class=\"app_details\">
					<li class=\"col1\">Email</li>
					<li> <input type=\"text\" name=\"app_email\"  value=\"{$s['app_email']}\" /> $email_result </li>
				</ul> 
				
				<ul class=\"app_details\">
					<li class=\"col1\"></li>
					<li>
						<button>Re-submit</button>	
					</li>
				</ul> 
			</form>
			";	
		}
		// 2.2.2 Display application form with 0 ERRORS  ==========================================
		else {
			
			
			
			echo "
			
			<h1>Personal Details - Part 1 of 5</h1>
			<p>
			Please confirm details and submit, If there are any changed needed to be made hit the back button now. 
			</p>
			
			
			<form name=\"app_form\" method=\"post\" action=\"application.php\">
				<input type=\"hidden\" name=\"app_stage\" value=\"2\" />
				
				
				<ul class=\"app_details\">
					<li class=\"col1\">Desired Username</li>
					<li><input type=\"text\" name=\"app_username\" value=\"{$s['app_username']}\" disabled='disabled' /> $username_result</li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Password</li>
					<li><input type=\"password\" name=\"app_password\" value=\"{$s['app_password']}\"  disabled='disabled' /></li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Comfirm Password</li>
					<li><input type=\"password\" name=\"app_cpassword\" value=\"{$s['app_cpassword']}\"  disabled='disabled' /> $password_result</li>
				</ul>
				
				<ul class=\"app_details\">
					<li class=\"col1\">First Name</li>
					<li><input type=\"text\" name=\"app_fname\" value=\"{$s['app_fname']}\"  disabled='disabled' /> $fname_result</li>
				</ul>
				<ul class=\"app_details\">
					<li class=\"col1\">Last Name</li>
					<li> <input type=\"text\" name=\"app_lname\" value=\"{$s['app_lname']}\"  disabled='disabled' /> $lname_result</li>
				</ul>  
				
				
				
				&lt;script language='javascript' type='text/javascript'>
						$(function()
						{
							$('.date-pick').datePicker({startDate:'01/01/1950'});
						});
					</script>
				
				
				
				<ul class=\"app_details\">
					<li class=\"col1\">DOB</li>
					<li><input type=\"text\" size=\"10\" name=\"app_dob\"  value=\"{$s['app_dob']}\"  disabled='disabled' />
					</li>
				</ul>  
				
				<ul class=\"app_details\">
					<li class=\"col1\">Gender</li>
					<li> <select name=\"app_gender\"  disabled='disabled'/>
							";
							// check if gender selected 
							if($p['app_gender'] == 'f') {
								echo "<option value=\"f\" >female</option> 
									<option value=\"m\">Male</option>								
								";
							}
							else {
								echo "<option value=\"m\" >Male</option>
									<option value=\"f\">female</option> 
								";
							}
							
							
							
				echo "       	
						</select>
					</li>
				</ul> 
				
				<ul class=\"app_details\">
					<li class=\"col1\">Email</li>
					<li> <input type=\"text\" name=\"app_email\"  value=\"{$s['app_email']}\"  disabled='disabled' /> $email_result </li>
				</ul> 
				
				<ul class=\"app_details\">
					<li class=\"col1\"></li>
					<li>
						<button>Continue to Part 2</button> 	
					</li>
				</ul> 
			</form>
			";
		}

	}
	
}
// 2.3 Display stored personal details from part 1
else if (count($p) > 0 && $p['app_stage'] == 2) {
		$post_count = count($p);
	
	// 2.3.1 int User
	
	$app_user = new user;
	$app_user = $_SESSION['app_user'];
	
		
	$app_user->username = $_SESSION['app_username'];
	$app_user->password = $_SESSION['app_password'];
	$app_user->fname = $_SESSION['app_fname'];
	$app_user->lname = $_SESSION['app_lname'];
	$app_user->gender = $_SESSION['app_gender'];
	$app_user->dob = $_SESSION['app_dob'];
	$app_user->email = $_SESSION['app_email'];
		
echo "
			
			<h1>FFXI Game Details - Part 2 of 5</h1>
			<p>
			Part 2 
			</p>
			<p>
			$app_user->username <br />
			$app_user->fname <br />
			$app_user->lname <br />
			$app_user->gender <br />
			$app_user->dob <br />
			$app_user->email <br />
			</p>
	
			";	
}




?>

After a V drink and having another go at it I find the solution. Instead of printing back out $_SESSION['var'] into the form fields value, I changed it to $_POST['var'] and it works. I guess I cant rely on the sessions vars being asigned properly even though it works on my localhost. Ah another PHP problem of my programming career out of the way.

Comment/Reply (w/o sign-up)

shadowx

Dec 21 2007, 11:46 AM

Im glad to see you've solved it, one thing to remember is that at T17 POST and GET variables arent assigned to their variable name eg:

On my localhost i have a HTML page that creates the $username variable using the POST method of a form and links to the below code in PHP and it works fine:

CODE

echo "hello $username";

But on T17 the $username variable would be blank here because i need to use the POST array to get it out:

CODE

$username = $_POST['username'];
echo "hello $username";

This would work. I had major headaches because of this fact and then realiser it was a security concern to have it get them automatically from the POST and GET arrays. The setting is in the PHP.ini file in your localhost folders somewhere so you can change it yourself but i dont know the name so maybe someone else can help. Im not sure if this affects your scripts because i couldn't tell which variables were passed from POST and which weren't but its a thing to remember if you have this problem or if anyone else does.

Comment/Reply (w/o sign-up)

Php Sessions And Post Variables Issues - My script dosent seem to work as intended

Php Sessions And Post Variables Issues - My script dosent seem to work as intended