trouble with sessions

eightmin

I have read a bunch of posts here but either my eyes are so burned out or I am blind. Can't seem to find what I am looking for.

This is my problem. I have a form (add_member.php) asking for information. That form is sent to process_member.php when submitted via POST. My process_member.php script checks to make sure required fields are filled and that a proper email address is given. If not, a warning is sent indicating which fields were not filled in.

<?
session_start();
header("Cache-control: private");

if($email)
{
if(!eregi("^{[a-zA-Z0-9_]+@[a-zA-Z0-9-]+.[a-zA-Z0-9-.]+$",} $email))
{
$emailerr = "You did not enter a valid Email address. Please try again";
$err = 1;
}

}

if( $first_name == "" )
{
$first = "First Name<br>";
$required_fields[0] = $first;
}
if( $last_name == "" )
{
$last = "Last Name<br>";
$required_fields[1] = $last;
}
if ( $address == "" )
{
$form_address = "Address<br>";
$required_fields[2] = $form_address;
}
if ( $city == "" )
{
$form_city = "City<br>";
$required_fields[3] = $form_city;
}
if ( $state == "" )
{
$form_state = "State<br>";
$required_fields[4] = $form_state;
}
if ( $zip == "" )
{
$form_zip = "Zip Code<br>";
$required_fields[5] = $form_zip;
}
if ($err)
{
$form_emailerr = $emailerr;
$required_fields[6] = $from_emailerr;
}

if (isset($required_fields) && !$process)
{

<table align="center" border="0" cellpadding="4" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td class="imp" align="center">The Following REQUIRED fields were left blank.<br> Please use your browser back button to complete the form.
</td>
</tr>
<?
for($i = 0; $i < 7; $i++)
{
echo "<tr>\n". "<td>$required_fields[$i]</td>\n";
echo "</tr>";
}
?>
</table>
<?
exit();
}
else
{
/***************************************
Register session variables in case user needs to edit their information
**********************************/
session_register('first_name', 'last_name', 'address', 'address_2', 'city', 'state', 'zip', 'phone', 'email', 'send_email');
?>
// Below is the table that is sent back to the browser for the user to see:

<table border="0" cellpadding="3" cellspacing="1" width="100%">
<form METHOD="POST" ACTION="<?php echo($PHP_SELF)?>">
<input type="hidden" name="process" value="yes">
<tr bgcolor="#FFFFFF">
<td align="center" class="b" colspan="2">Personal Information</td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">Name:</td>
<td><? echo( ucwords("$first_name "."$last_name")) ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">Address:</td>
<td><? echo(ucwords($address));
if($address_2)
{
echo "<br>". $address_2;
}
?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">City</td>
<td><? echo(ucwords("$city")) ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">State</td>
<td><? echo(ucwords("$state")) ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">Zip</td>
<td><? echo("$zip") ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">Phone</td>
<td><? echo("$phone") ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">2nd Phone</td>
<td><? echo("$phone_2") ?></td>
</tr>
<tr bgcolor="#FFFFFF">
<td class="b">Email</td>
<td><? echo("$email") ?></td>
</tr>
</tr>
<tr bgcolor="#FFFFFF">
<td colspan="2" align="center"><input type="submit" value="Continue">  </td>
</tr>
</form
</table>
<?
}
?>

If the form is filled out properly, process_member.php sends the form contents output back to the browser for the user to check to make sure they entered all the information correctly. The returned info is in a table and I have the data between <form> with ACTION="<?php echo($PHP_SELF)?>">. I also have 1 hidden field with name="process" and value="yes". I did this so that if the user hits the "continue" or submit button, the the script would continue on and process the information into a database. I know to start the very top (no spaces) of the process_member script with session_start();. So if the user hits the "continue" button, the following code should execute

<?
if($process == "yes") // user hit the continue button after entering data
{
/***********************************
sanitize info for database by adding slashes and make first letter upper case
*******************************************/

$first_name = ucwords(trim(addslashes($first_name)));
$last_name = ucwords(trim(addslashes($last_name)));
$address = ucwords(trim(addslashes($address)));
$city = ucwords(trim(addslashes($city)));
$state = ucwords(trim(addslashes($state)));
$zip = ucwords(trim(addslashes($zip)));
$phone = trim(addslashes($phone));
$email = trim(addslashes($email));

/*******************************
connect to database and insert user information ******************************/

$host = "myhost info";
$user = "myusername";
$pass = "mypassword";
$db = "mydatabase";
$mysql = mysql_connect($host, $user, $pass);
if(!$mysql)
{
echo 'Cannot connect to database.';
exit();
}

// select database

$mysql = mysql_select_db ($db, $mysql);
if(!$mysql)
{
echo "cannot select the proper database\n";
exit();
}

$query = "INSERT INTO MEMBERS set first_name = '$first_name', last_name = '$last_name', address= '$address', address_2 = '$address_2', city = '$city', state = '$state', zip = '$zip', phone = '$phone', email = '$email' ";

$result = mysql_query($query);

if(!$result)
{
echo "<p align= center >No entry made to database.<br> Please use your browser back button and try again.<br>";
}

/*****************************
send email to me to announce new member
*******************************/

if($result)
{

/***************************************
Have to strip slashes for email content.
*******************************************/

$first_name = stripslashes($first_name);
$last_name = stripslashes($last_name);
$address = stripslashes($address);
$city = stripslashes($city);
$state = stripslashes($state);
$zip = stripslashes($zip);
$phone = stripslashes($phone);
$email = stripslashes($email);

/*****************************
the following code is the email output
***************/

$date = date("F jS, Y");
$to = "me@myemail.com";
$subject = "NEW MEMBER";
$msg = "<html><body>
<h3 align=center style='color:#8484FF;'>A New Member has Joined</h3>

<p style='font-weight:bold;font-family:arial;font-size:11px;color:#8484FF;'>The following new member has joined us, $first_name $last_name .</p>

<p style='font-family:arial;font-size:11px;'>Name: $first_name "."$last_name</p>

<p style='font-family:arial;font-size:11px;'>Address: $address</p>

<p style='font-family:arial;font-size:11px;'>State: $state</p>

<p style='font-family:arial;font-size:11px;'>Phone: $phone</p>

<p style='font-family:arial;font-size:11px;'>Email: $email</p>

</body></html>";

$from = "$first_name "."$last_name";

mail($to, $subject, $msg, "To: $to \n" . "From: $from <$email>\n" . "MIME-Version: 1.0\n" . "Content-type: text/html; charset=iso-8859-1");

/****************************
send email back to user with their submitted information *****************/

if($send_email == "YES")
{

$date = date("F jS Y");
$to = "$email";
$subject = "Your Builder Complaint";
$msg = "<html><body>
<h3 align=center style=color:#8484FF;>The following is the information you sent to HADD</h3>

<p style='font-weight:bold;font-family:arial;font-size:11px;color:#8484FF;'>Below is the information you provided.</p>

<p style='font-family:arial;font-size:11px;'>Name: $first_name "."$last_name</p>

<p style='font-family:arial;font-size:11px;'>Address: $address</p>

<p style='font-family:arial;font-size:11px;'>State: $state</p>

<p style='font-family:arial;font-size:11px;'>Phone: $phone</p>

<p style='font-family:arial;font-size:11px;'>Email: $email</p>

</body></html>";
$from = "noreply@myemail.com";

mail($to, $subject, $msg, "To: $to <$to>\n" . "From: $from <$from>\n" . "MIME-Version: 1.0\n" . "Content-type: text/html; charset=iso-8859-1");
}
}
}
?>
[/color]

What happens is that I loose all my session data. The script works, sends an email to me with his info (except that the data is blank and only the email form is sent). It does not send the email back to the user because my session data is lost so the "$send_email" variable is also gone and the script does not process the email back to the user. No parse errors or anything, just no data?! Originally the script processed the info into the database sent the emails out, and then returned the info back to the browser. It worked fine then. The problem came about when I tried to show the user their data first and then processed the info into the database. So I know the my problem is with the sessions and the way that I am handling them.

What am I doing wrong?

dalecosp

Real likely this is a simple scope problem.

session_register($foo) is deprecated. Use:

$_SESSION['foo']=$_POST['foo'];

instead.

When you get to page 3 (or if ...) use something like:

$first_name = ucwords(trim(addslashes($_SESSION['first_name'])));

to get the data back...

eightmin

Thanks Dalecosp,
I will give that a try. One quick question, since I am using the $SESSION['some_variable'] to maintain my data, then when I go to insert information into my database, do I have to do something like this:
$query = "INSERT into MEMBERS set first_name = '$SESSION['first_name']' ";

I ask because in my script, directly after the form that returns data back to the user is the MySQL connect and insert codes. Or should I break down the session variables into normal scalar variables like this:

$first_name = $_SESSION['first_name'];

or does it even matter?

eightmin

Thanks dalecosp,
I did not realize the session_register(); had been deprecated. I got that old info from a book on PHP published in 2001. Using the
superglobal array $SESSION['foo'] = $POST['foo']; did the trick! Guess it is time to purchase a new book or two.
🙂 🙂

dalecosp

Originally posted by eightmin
Thanks Dalecosp,
I will give that a try. One quick question, since I am using the $SESSION['some_variable'] to maintain my data, then when I go to insert information into my database, do I have to do something like this:
$query = "INSERT into MEMBERS set first_name = '$SESSION['first_name']' ";

I ask because in my script, directly after the form that returns data back to the user is the MySQL connect and insert codes. Or should I break down the session variables into normal scalar variables like this:

$first_name = $_SESSION['first_name'];

or does it even matter?

Well, I don't know how much it matters. Maybe something to do with speed/efficiency, but I'm not sure. I often grab the superglobals I'll be using at a given time and put them into local variables, because I like to be able to type

"select * from foo where bar=$baz";

instead of

"select * from foo where bar=".$_SESSION['baz'];

YMMV, of course. Glad ya got it going.

Before you buy any books, give this some thought: PHP 5 will be out soon; you may want to wait and see what that brings. There's a thread in the "PHP 5" forum here on books.

Also, six of our forum members just finished "Beginning PHP and MySQL Web Development" for Wrox Publishing. I hear it's pretty good, and does take into account the fact that global variables are now preferred OFF.

H.A.N.D. 🙂