Author Re: [PHP-DB] retaining form information when someone presses back
Christopher Blöcker

2007-01-01, 7:00 pm

Flint Million:
> This might not be relevant for this forum, so if not please direct me
> to the proper one; although I do like to keep my email list
> subscriptions down.
>
> I have a custom application in PHP in which a user fills out a form of
> information. When the user submits, I perform sanity checking on the
> user's submitted data and refuse to actually process/insert it if
> those checks fail. However, my users are complaining that when they
> press back to correct, all the data is gone from the form and they
> have to re-enter it all. I know many websites that can retain the form
> data when someone presses back; how is this done?
>
> Flint M
>


Ok, an input field might be something like <input type='text'
name='username' size='8' maxlength='32'> --> the submitted variable would
be stored in $_POST["username"] (or $_GET["username"] depending on what
method you use to submit it).
Your back button should now contain a link like <a
href='fill-in-form.php?username=$_POST["username"]'>back</a> to keep the
information.
Another possibility might be using cookies, but this would be impossible
if the user refuses to accept cookies, so this method might not be wanted.

Chris
Chris

2007-01-03, 9:59 pm

Christopher Blöcker wrote:
> Flint Million:
>
> ok, an input field might be something like <input type='text'
> name='username' size='8' maxlength='32'> --> the submitted variable would
> be stored in $_POST["username"] (or $_GET["username"] depending on what
> method you use to submit it)


Please no!

*At least* use htmlentities or htmlspecialchars to stop XSS attacks.

If I put:

<script>alert('x');</script>

as my username, and that alerts 'x', then I can steal cookies from your
computer and other bits of info as well.

--
Postgresql & php tutorials
http://www.designmagick.com/
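
Added example, not part of either post above: one way to keep the submitted value in the form after a failed check while escaping it with htmlspecialchars, as the second reply asks. The helper name `h()`, the validation rule and the redirect target `thanks.php` are assumptions; `fill-in-form.php` and the `username` field come from the thread.

```php
<?php
// Added example; h(), the sanity check and thanks.php are hypothetical.
declare(strict_types=1);

/** Escape a value for HTML text or a quoted HTML attribute. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$username = '';
$errors = [];

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    // A request can send username[]=x; accept the value only if it is a string.
    $raw = $_POST['username'] ?? '';
    $username = is_string($raw) ? trim($raw) : '';

    // Hypothetical sanity check: 1-32 letters, digits or underscores.
    if (!preg_match('/^[A-Za-z0-9_]{1,32}$/', $username)) {
        $errors[] = 'Username must be 1-32 letters, digits or underscores.';
    }

    if (!$errors) {
        // Process/insert the data here, then redirect so a reload does not resubmit.
        header('Location: thanks.php', true, 303);
        exit;
    }
}
// On failure, fall through and render the same form again with the old value.
?>
<!DOCTYPE html>
<html>
<body>
<?php foreach ($errors as $error): ?>
  <p class="error"><?= h($error) ?></p>
<?php endforeach; ?>
<form method="post" action="fill-in-form.php">
  <!-- The value is escaped, so <script>alert('x');</script> is shown as text. -->
  <input type="text" name="username" size="8" maxlength="32"
         value="<?= h($username) ?>">
  <input type="submit" value="Send">
</form>
<!-- Link variant from the first reply: urlencode() for the query string,
     then h() because the URL sits inside an HTML attribute. -->
<a href="fill-in-form.php?username=<?= h(urlencode($username)) ?>">back</a>
</body>
</html>
```

Because the form posts to the same script and is redrawn with the rejected value, the user corrects the field in place instead of pressing back.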