Capturing $_REQUEST and reusing it later

I'm working on an authentication system in which it's possible that a user
might be requested to log-in as a result of submitting a form if the
inactivity timeout is exceeded. In order that they don't lose the
information in the form I would like to capture this information ($_RESULT),
serialise it and store it in their session. After they've successfully
logged in I would like to retrieve this information and put it back in
$_RESULT so the user can carry on with what they were doing. Is $_RESULT
meant to be writable in this wayand is there any reason why this isn't a
good idea?

Thanks,
Geoff

Geoff Soper wrote:
> I'm working on an authentication system in which it's possible that a
user
> might be requested to log-in as a result of submitting a form if the
> inactivity timeout is exceeded. In order that they don't lose the
> information in the form I would like to capture this information
($_RESULT),
> serialise it and store it in their session. After they've
successfully
> logged in I would like to retrieve this information and put it back
in
> $_RESULT so the user can carry on with what they were doing. Is
$_RESULT
> meant to be writable in this wayand is there any reason why this
isn't a
> good idea?

$_REQUEST is writable, but not "carryable" as session ($_SESSION).

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

Geoff Soper wrote:
> I'm working on an authentication system in which it's possible that a user
> might be requested to log-in as a result of submitting a form if the
> inactivity timeout is exceeded. In order that they don't lose the
> information in the form I would like to capture this information ($_RESULT),
> serialise it and store it in their session. After they've successfully
> logged in I would like to retrieve this information and put it back in
> $_RESULT so the user can carry on with what they were doing. Is $_RESULT
> meant to be writable in this wayand is there any reason why this isn't a
> good idea?

I assume by $_RESULT you mean $_REQUEST?

To store it:

foreach ($_REQUEST as $key=>$value) {
$_SESSION['REQUEST'][$key] = $value;
}

This will simply store all the $_REQUEST variables in the session as the
array $_SESSION['REQUEST']

Then to get it back:

foreach ($_SESSION['REQUEST'] as $key=>$value) {
$_REQUEST[$key] = $value;
}

Or, if they fail the login, destroy the array:
unset($_SESSION['REQUEST']);

If you don't want to store all the $_REQUEST vars but only some of them
you can just use a switch-statement before storing them.

foreach ($_REQUEST as $key=>$value) {
switch ($key) {
case "var_to_keep":
case "another_var_to_keep":
case "yet_another_var_to_keep":
$_SESSION['REQUEST'][$key] = $value;
break;
default:
break;
}
}

Just make sure you call session_start(); on the pages where you want to
use this, or the $_SESSION variables won't be carried over.

Hope that helps :)


Roy W. Andersen
--
ra at broadpark dot no / http://roy.netgoth.org/

"Hey! What kind of party is this? There's no booze
and only one hooker!" - Bender, Futurama

> To store it:
>
> foreach ($_REQUEST as $key=>$value) {
> $_SESSION['REQUEST'][$key] = $value;
> }

Why not simply $_SESSION['REQUEST'] = $_REQUEST;?


--
* html {redirect-to: url(http://browsehappy.pl);}

porneL wrote:
>
>> To store it:
>>
>> foreach ($_REQUEST as $key=>$value) {
>> $_SESSION['REQUEST'][$key] = $value;
>> }
>
>
> Why not simply $_SESSION['REQUEST'] = $_REQUEST;?

Why not indeed? :)

I put the switch-statement in that loop when I started writing the post,
and decided to put it up as an alternative afterwards instead, and left
the loop as it was.


Roy W. Andersen
--
ra at broadpark dot no / http://roy.netgoth.org/

"Hey! What kind of party is this? There's no booze
and only one hooker!" - Bender, Futurama