0

I also have a string stored in a session variable but can't figure out how to get it back out again...

THIS CODE IS PAGE 1.

<form action="page1.php" method="post" id="register-form" novalidate="novalidate">

<b>Postcode:</b> <input type="text" name="search" /> (required)<br />
<?php
@session_start();
    if (empty($_POST['search']) && isset($_POST['submit'])){
        echo'Please enter postcode i.e. ZZZZ';
    }
?><br />

<p><input type="submit" name="submit" value="Search"></p><br />
</form>
</div>
</body>
<?php

/* Check all form inputs using check_input function */
$search     = $_POST['search'];

/*Assign variables to session variables*/
$_SESSION['search'] = $search;

header ("Location: http://www.example.com/page2.php");
exit();
?>

I run the code above and then when the user submits, there is a page redirect to PAGE 2. The session variable 'search', which contains a postcode string, is carried over to page 2, where I'm hoping to use the string variable as part of a query to retrieve some information from a database. I figure I need to convert it back into a string so it can be used to retrieve data from database... I just don't know how...

Can someone please help!?

3
Contributors
6
Replies
8
Views
4 Years
Discussion Span
Last Post by broj1
0

As simple as:

$search = $_SESSION['search'];

$_SESSION['search'] is already a string since it came from the form input. You can use it in a query but make sure you at least escape it first:

$query = "SELECT * FROM tablename WHERE somefield LIKE '%" . mysqli_real_escape_string($search) . "'";

Edited by broj1

0

Doesn't work... on PAGE 2 it just displays the text: 'You have not entered search details. Please go back and try again.' Below is my original code on PAGE 2...

<?php
  // create variable search
    $search = $_SESSION['search'];

// Check field has been completed
  if (!$search)
  { 
     echo 'You have not entered search details.  Please go back and try again.';
     exit;
  }
  // Get field data
  if (!get_magic_quotes_gpc())
  {
  $search = addslashes($search);
  }
//Connect to database
  @ $db = new mysqli('xxx', 'xxx', 'xxx', 'xxx');

  if (mysqli_connect_errno()) 
  {
     echo 'Error: Could not connect to database.  Please try again later.';
     exit;
  }
//Run query - distinct stops duplicate messages
    $query = "SELECT DISTINCT *
            FROM tbl_gar_customer, stockist
            WHERE stockist.postcode_area LIKE '".$search."'
            AND stockist.garcustomer_no = tbl_gar_customer.account_no
            GROUP BY account_no";
//Save the results
  $result = $db->query($query);
//Count the results
  $num_results = $result->num_rows;
//Display count
  echo '<p>Number of Stockists found: '.$num_results.'</p>';
//Display Results
  for ($i=0; $i <$num_results; $i++)
  {
     $row = $result->fetch_assoc();
     echo htmlspecialchars(stripslashes($row['name'])).'</strong><br />';
     if (!empty($row['address1']))echo stripslashes($row['address1']).'<br />';
     if (!empty($row['address2']))echo stripslashes($row['address2']).'<br />';
     if (!empty($row['address3']))echo stripslashes($row['address3']).'<br />';
     if (!empty($row['cust_town']))echo stripslashes($row['cust_town']).'<br />';
     if (!empty($row['cust_county']))echo stripslashes($row['cust_county']).'<br />';
     if (!empty($row['postcode']))echo stripslashes($row['postcode']).'<br />';
     if (!empty($row['cust_phone']))echo '<br />Tel.: '.stripslashes($row['cust_phone']);
     if (!empty($row['fax']))echo '<br />Fax.: '.stripslashes($row['fax']).'<br />';
     if (!empty($row['web']))echo '<br />Website: <a href="'.stripslashes($row['web']).'">'.stripslashes($row['web']);
     if (!empty($row['cust_email2']))echo '<br />Email: <a href="mailto:'.stripslashes($row['cust_email2']).'">'.stripslashes($row['cust_email2']);
     echo '</a></p>';

    //Pulls installers email from database and store in variable called installers_email   
    $installers_email = $row['cust_email2'];
  }

  $result->free();
 // Close Database connection
  $db->close();

  ?>

Edited by pedal123

2

On top of each page that uses session variables you have to put:

session_start();

It looks like it's missing on page 2.

Edited by broj1

0

Hi,

this

if (!$search)

does not return a boolean response. To force it to return a boolean response then we can do something like this.. actually, we need to add a simple function like this.

    function is_null_empty($input){
    ## true is empty or null
    ## false go ahead

    return(strlen($input)== 0 ? true: false );        
}

we can then use the function in your code like this

 if(is_null_empty($search)){
  echo 'You have not entered search details. Please go back and try again.';
  exit;

  }

Edited by veedeoo: info added

0

That's fantastic! It works! Thanks alot Broj1 I really appreciate your help :o)

Thankyou veedeoo as well

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.