View Full Version : Doubt about Session registration forms.

11-05-2007, 01:45 AM
I'm a newbie in PHP and i want to find a solution for my problem/doubts.

I have a signup form and i want to continue to the next signup form after submitting and validating the inputs.

I don't know how to do this. Should i use a session or cookies?

At the moment, i can validate and put into the database the inputs of the first signupform, using an session method i saw in a tutorial, but i didnīt understand how the session works.

Thank you in advance.

11-05-2007, 02:30 AM
Sessions are like cookies, but the variables are stored on the server,
not on the user's PC (like cookies). That means, if the user closes their
browser or shuts down (leaves the internet), the session is gone.

Sessions would work, but if the user finishes the first form and shuts off
their PC, they will not be able to continue on with the 2nd form because
your script won't know where they left off.

The fact of the matter is ... if you're saving the form(s) in a database
for a user, you don't need sessions or cookies at all. Have one table just
to keep track of where the user was at. Example, when they finish the
first form, save the form data and also put a "1" in the table.

If they exit and come back, you'll know they finished form "1" and send
them to form #2. When they finish form "2", write that into the table.

The final form can put a "99" (or some other number), so you know they've
finished all forms. That record is permanent in the database. It could be
useful for some other purpose .... example, the "99" could be something
like "11262008" (Nov. 26, 2008)... which may trigger them to update the
form information when that date occurs.

And I'm assuming when you say database, you mean MySQL.

11-05-2007, 11:50 AM
I'm using MySql.
I don't know what is suitable (easy in my case (cookies or sessions):s I only know the basics of programming.
I'm trying to do a social network.

"If they exit and come back, you'll know they finished form "1" and send
them to form #2." In this case they have to start the 1st login form and write at least 1 field( example email) to mysql know if it's the right person and to pass to the 2nd login form?

Thank you

11-05-2007, 02:46 PM
OK ... so they don't have to log-in to get to the form ... the form itself
must be your registration form?

In that case, you would need to use cookies ... but you realize
people can erase those if they choose to. But I don't see any
other way. Sessions won't work for that application.

So, perhaps try this method ...

1) At the beginning of the ANY form page (including form #1), always check the user's
cookies for their email. If you see it, check their database and kick
them into the log-in page. After logging-in, they will continue with
the form completions, depending on where they left-off.

2) When they finish ANY form page, save their email in a cookie,
and also save that page number in their database, along with all of
the form data.

3) If you don't see the user's email (in a cookie), then display the
1st form page. When they submit that 1st form page, you'll be
checking for the email (if already being used) anyhow, so you'll either
accept it or fail as "email address already taken". If you accept it,
you do step 2, where you save the form in the database, save the
form page number and write a cookie (their email) on the user's PC.

4) The only failing situation here is if the person completes the 1st form,
leaves the internet, and deletes their cookies. In that case, they would
return and have to re-complete the 1st form. They would get an error
message saying that the email address they used has already been used ...
In that case, they would still be sent to the log-in page to finish the forms,
so they would be processed correctly.

On that 1st form, you would at least need to make them enter their
email address and a desired password.

The reason for having the log-in page if they don't complete all forms
is simple ... if someone messes with the cookies on a PC, they could
enter a different email address. Since the password is stored on your
database, anyone doing that would still need to get past the log-in.


The actual log-in part is where you would use sessions. Once logged-in, they
remain logged-in at all times until they either log-out or close their browser...
in which case the sessions are deleted.

If you plan on having an "always keep me logged in" option ...
that would be using cookies ... but your script would
see the cookie for "always keep me logged in", and set a session.
It would just bypass the log-in page. These type of options
present a security risk, but people like to use them anyhow.


11-05-2007, 06:12 PM
I only know the basics of programming.
I'm trying to do a social network.

Tip: When learning a programming language, do not try to make something that takes other people a lot of time and effort when they already know the language.

11-05-2007, 06:33 PM
I also question why you are coding all of it from scratch when you could
probably find an existing script that is already programmed ... then, you can
customize it for your own use.

Unless you're trying to learn PHP and MySQL in the process?

You're only on the registration part ... wait until you get into the main code.

11-13-2007, 12:40 AM
I'm trying to learn a bit of PHP & MYSQL using existing scripts.
I solve the problem of signup forms using cookies.

I know the problems will increase.