Determing whether the last page load was SELF

schwim

Hi there guys,

very sorry to bother you all, but I have a problem:

I have a registration form. I set it to save the input values in a session so they didn't have to input the data again in the case of a problem. The form is checked through another case in the same page(user.php?action=register gets checked by user.php?action=reg_check and if it's not OK, just sends it back to user.php?action=register). What I would like to do though is if the user travels to another page, it will destroy those session values. It seems confusing if they come back to the page 10 minutes later after browsing and their problematic data is there.

So it seems that a simple IF LAST LOAD NOT SELF THEN UNSET is in order, but I'm not sure how to do that.

Any help would be greatly appreciated 🙂

thanks,
json

NogDog

I suppose you could look at the $_SERVER['HTTP_REFERER'] value and see where the user is coming from, and act accordingly (realizing that it may not be set depending on the situation, the browser settings, and any proxy settings if applicable).

schwim

Hi there nog and thanks very much for the reply,

Since it seems that it's not a foolproof way to handle it, do you know of a better method off-hand of destroying the session values if they're not coming from the same page?

thanks,
json

NogDog

Only way I can think of if there were something in the way of a form/URL post/get value that you could check for in the $POST/$GET array.

madwormer2

Hmm.

Two session variables, $SESSION['current'] and $SESSION['last'].

On every page load of your site, you move current to last, and fill in current with the current page value.

Then you can check if current == last, if it doesn't, unset($_SESSION['userdata']) (or whatever the variables are.

That's how I'd do it

schwim

Hi there and thanks for the reply guys,

That did the trick nogdog, thanks!

if(!ISSET($_GET['rewind'])){
			if(ISSET($_SESSION['stop'])){

			UNSET($_SESSION['stop']);
		}
	}

Thanks very much for your help!

Hi there madwormer,

If it were data that created a risk if the value was manipulated, I would continue looking, but since it just clears their attempted registration info, is there a reason you think the session var is a better way to go? Since it's working, I don't see a reason to do it differently, unless I'm missing something.

thanks,
json