Retaining form data when going back and still using PHP sessions.
February 8, 2008 5:36 AM   Subscribe

When I altered a PHP web form to take advantage of PHP Sessions, I lost the ability to go back a page while retaining data in the form. Is this the expected behaviour, or is it caused by something else?

There are two pages, newentry.php and processentry.php. The first page contains an HTML form whose action is the second page.

The second page does some error checking and alerts the user to go back if something is not correct. I have attempted both javascript:history.back, history.go(-1), and direct links to newentry.php. Before I added Session support, going back to the form returned you to a page with the data still filled in.

Since I added sessions, going back takes you to a blank copy of the form. Is this normal? Is there some other cause I should investigate?

What is the best way to handle this sort of thing? Should I not rely on the first behaviour at all?
posted by odinsdream to Computers & Internet (8 answers total) 1 user marked this as a favorite
Could you be more specific about what you mean by "added sessions"?
posted by bricoleur at 6:10 AM on February 8, 2008

My first guess would be to look at the code in newpage.php that generates new sessions. If every visit to that page creates a new session, and you pre-fill the fields form the session variable, you'll get an empty page every time.
posted by DreamerFi at 6:28 AM on February 8, 2008

I'm assuming you're trying to repopulate the form using session data. Do both pages contain session_start(); at the top? Are you populating the session with the form data?

As bricoleur says, you need to be more specific about what you've done. The code would be handy.
posted by missmagenta at 6:30 AM on February 8, 2008

Kinda guessing without seeing the code, but if you have register_globals on, session variables become real variables automatically.

The refilling of the form when you hit back is actually done by the user's browser, not PHP. And no, you shouldn't rely on this, you should have the code check if everything is filled in and if not, redisplay the form on the first page, this time putting the error at the top of it. If you want to prevent the user even having to submit the form, there's some very simple Javascript client-side validation you can do, but you always have to do the server-side validation.
posted by bertrandom at 6:44 AM on February 8, 2008

You can sometimes get away with relying on the browser to hang onto form input for you but, as you're finding, it's not ideal (I think the browser makes a judgement as to whether the page should be retained based on headers etc., and different browsers will probably apply different rules).

The best solution is to make the form submit back to the same page, so if something goes wrong it can all be properly prepopulated. There are numerous PHP-based classes/frameworks for making forms easier by filtering/validating/rendering when given a description of the form (not sure which ones to recommend as I went the NIH route and created my own).
posted by malevolent at 6:57 AM on February 8, 2008

You could explicitly create session variables from the form data, then manually populate the form from the session variables when the user goes back. That's probably the surest way to retain the data.

As others have said, browsers tend to decide for themselves whether to retain form data automatically, but don't rely on it. A bit of jiggery-pokery with headers might help, but really you might be best to try to take control of the data via session vars.
posted by le morte de bea arthur at 7:55 AM on February 8, 2008

Got it. It looks like I'll need to go about reworking the code a bit, then.

When I say added sessions, I mean I added a login page that starts a session, then I also adjusted the other pages to require that a session has already started before they are displayed.

Before this change, I could enter information on the form, go to the Submit step and view any errors, then go back and the data I had entered would remain in the form.

After I created a login page and started restricting the pages to only requests within the same session, this behaviour changed and now results in the form always showing up empty when I go back to it from the submit page.

I am not currently doing any step to fill in the form, but now I will have to adjust and store everything in session variables in order to repopulate in case of errors.

If anyone has some nifty frameworks they use, I'd love to see those.
posted by odinsdream at 10:50 AM on February 8, 2008

I use symfony for a lot of bigger projects, it might be overkill for small ones though. It has really good form validation routines and can automatically fill the form values back in by parsing the XHTML, in the case of an error. The documentation is thorough and well written. This page on forms might give you a good example.

If you'd rather roll your own, I've combined Smarty, a great templating engine with DB_Dataobject, a database abstraction library, and thats worked out pretty well. Even using Smarty alone will save you a bunch of time, there are a lot of useful helpers, like dynamically creating SELECT boxes, although I'm sure the PHP-is-a-templating-language people will disagree.
posted by bertrandom at 1:36 PM on February 8, 2008

« Older Women writing SciFi: Your Picks?   |   ipod+bluetooth+running? Newer »
This thread is closed to new comments.