Registering sesion vars

zoobie

txn_id is a long transaction id generated and posted by a credit card processor. I want to check txn_id against abc_id down the road on another page within the same session. The idea is not to allow anyone to enter page2 directly unless both txn_id and abc_id match. How would I set this up? Thanks

txn_id is posted to this page1:
<?session_start();
$SESSION["txn_id"] = "$txn_id";
$SESSION["abc_id"] = "$abc_id";
$txn_id = $_POST['txn_id'];
?>

page 2:
<?
session_start();
if ($txn_id == $abc_id) {
echo "display proper page";
}
else "ERROR";
?>

rIkLuNd

<?php
session_start(); 
$txn_id = $_POST['txn_id']; 
$_SESSION["txn_id"] = $txn_id; 
// where does $abc_id come from?
$_SESSION["abc_id"] = $abc_id; 
?> 

<?php
session_start(); 
if($_SESSION['txn_id'] == $_SESSION['abc_id'])
{
     echo "display proper page";
}
else
{
   echo "ERROR";
}
?>

zoobie

The abc_id is just something to check against...but if I make it equal the txn_id, it will always pass the "if" statement I think...Dunno...That's why I'm asking...Thanks

zoobie

Does anyone know what I'm talking about?:rolleyes:

TTT

did you mean this:

session_start();  

if($_SESSION['txn_id'] != $_SESSION['abc_id'])  { 
     echo "ERROR";
    print "
<SCRIPT LANGUAGE='JavaScript' TYPE='text/javascript'>
<!--
 window.location.href = 'errorpage.php'
//-->
</SCRIPT>";    

exit; 
}  else  { 
 // do things

}

zoobie

Forget it...