| Re: Pass varible with out URL and SESSION [message #179985 is a reply to message #179983] |
Mon, 24 December 2012 22:26   |
Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>
>>> On 12/24/2012 4:30 AM, Andy wrote:
>>>> > well exactly. There are only three ways to keep track of a browser
>>>> > state between pages: cookie, GET or POST.
>>>>
>>>> In the words of Yoda "There is another"...
>>>>
>>>> You guys won't like it but I thought it worth mentioning that you can
>>>> also use a hidden frame and store any variable to be passed back to
>>>> the next content page.
>>
>>> Which still comes back in the GET or POST values, as applicable.
>>
>> I think Andy is suggesting a client side method that uses javascript to
>> store a variable in a higher level frame between page loads. This could
>> be used to pass data between the javascript code running in two pages
>> on a client without passing the data through the server.
>>
>> It's a similar approach to using js to create a cookie on the client
>> side that can be read by js in another page on the client side, to pass
>> data between pages on the client side without relying on the server.
>>
>> However, as we already agreed (I think), until we have more information
>> about what the OP actually wants to do, and specifically whether he's
>> trying to pass state information between pages on the client or on the
>> server, it's a bit pointless debating the ins and outs of the various
>> possible methods.
> But it's still passed back to the server via POST or GET. All he's
> suggesting is a different way of storing it on the client (i.e. instead
> of a hidden field in a form).
No, he's suggesting a way to pass data from a client side script running
in one page on the client to a client page script running in another page
on the client *without* going back through the server at all.
Scenario:
A frameset has javascript methods set( param, value ) and get(param)
Any pages loaded into a subframe of that frameset, from the same host (xss
restrictions will apply if the page is from a different host) can call
the set and get methods in the parent frameset to store / retrieve values
that will never be passed through the server.
I once wrote a shopping catalogue that ran 100% in client side javascript
doing this, for someone who was running on a hosting provider that only
made a basic mailform cgi available. Customers could browse the
catalogue, pick out their goods, and then mail their shopping list to the
company using the mailform cgi.
The (mom & pop) company would then contact the customer, confirm the
requirement, put it on their van and deliver it, collecting payment when
they delivered.
The only time that any "data" apart from plain page requests got sent to
the server was after the complete order had been assembled, when it was
sent to the mailform cgi on the server, and that could have been avoided
by generating a mail uri that would have launched the default mail
application on the client computer and populate the message text.
The same can be done with a javascript cookie, although the cookie in
that case does get sent to the server the server just discards it, but
the javascript in different pages from the same host (again security
constraints apply) on the client can read and write the cookie and use it
to pass data values between themselves.
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179986 is a reply to message #179984] |
Mon, 24 December 2012 23:25 |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 24/12/12 21:36, J.O. Aho wrote:
> On 24/12/12 16:43, Adrian Tuddenham wrote:
>> Scott Johnson <noonehome(at)chalupasworld(dot)com> wrote:
>
>>> As Jerry mentioned, you still have to use one of the 3 methods. POST,
>>> GET, COOKIE.
>>>
>>> If you use a frame, invisible or not, once you resend the header to load
>>> another page, from the root page or frame (does not matter), you still
>>> have to send variables as mentioned above.
>>
>> Presumably there is nothing to stop you writing the variable to a file
>> and then reading it back on the next page?
>
> If you want to store the data, you need to send it to the server with
> help of GET/POST/PUT, Andy was suggesting that he could store values
> without sending the data to the server, this could be done in a way with
> javascript, but the server wouldn't be able to act on the data and you
> need to make it somewhat crafty design which is easily broken by the user.
>
>
>> The only problem, with a busy website, would be identifying whether the
>> same user is requesting that variable as the one who wrote it.
>
> This is why you use sessions, the session cookie can of course be
> hijacked, but it will keep track of who is associated with what data.
>
>
>> Could
>> that be taken care of by storing an array in the file and associating
>> each variable with each user's IP number? As long as the IP number
>> didn't change during a session, this would select the wanted variable
>> for that user.
>
> You could do that, but you would get issues when you have more than one
> user from the same ip or a user who change ip during the visit at the
> site. I would say the solution is a big step backwards compared to
> sessions.
>
well cookies, anyway. I didn't find sessions gave me anything using was
cookies didn't.
The POST method is good but wont survive a browser shutdown. Most
browsers store cookies on the local hard drive.
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179987 is a reply to message #179985] |
Mon, 24 December 2012 23:30 |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 24/12/12 22:26, Denis McMahon wrote:
> On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
>
>> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>>
>>>> On 12/24/2012 4:30 AM, Andy wrote:
>>>> >> well exactly. There are only three ways to keep track of a browser
>>>> >> state between pages: cookie, GET or POST.
>>>> >
>>>> > In the words of Yoda "There is another"...
>>>> >
>>>> > You guys won't like it but I thought it worth mentioning that you can
>>>> > also use a hidden frame and store any variable to be passed back to
>>>> > the next content page.
>>>
>>>> Which still comes back in the GET or POST values, as applicable.
>>>
>>> I think Andy is suggesting a client side method that uses javascript to
>>> store a variable in a higher level frame between page loads. This could
>>> be used to pass data between the javascript code running in two pages
>>> on a client without passing the data through the server.
>>>
>>> It's a similar approach to using js to create a cookie on the client
>>> side that can be read by js in another page on the client side, to pass
>>> data between pages on the client side without relying on the server.
>>>
>>> However, as we already agreed (I think), until we have more information
>>> about what the OP actually wants to do, and specifically whether he's
>>> trying to pass state information between pages on the client or on the
>>> server, it's a bit pointless debating the ins and outs of the various
>>> possible methods.
>
>> But it's still passed back to the server via POST or GET. All he's
>> suggesting is a different way of storing it on the client (i.e. instead
>> of a hidden field in a form).
>
> No, he's suggesting a way to pass data from a client side script running
> in one page on the client to a client page script running in another page
> on the client *without* going back through the server at all.
>
> Scenario:
>
> A frameset has javascript methods set( param, value ) and get(param)
>
> Any pages loaded into a subframe of that frameset, from the same host (xss
> restrictions will apply if the page is from a different host) can call
> the set and get methods in the parent frameset to store / retrieve values
> that will never be passed through the server.
>
> I once wrote a shopping catalogue that ran 100% in client side javascript
> doing this, for someone who was running on a hosting provider that only
> made a basic mailform cgi available. Customers could browse the
> catalogue, pick out their goods, and then mail their shopping list to the
> company using the mailform cgi.
>
> The (mom & pop) company would then contact the customer, confirm the
> requirement, put it on their van and deliver it, collecting payment when
> they delivered.
>
> The only time that any "data" apart from plain page requests got sent to
> the server was after the complete order had been assembled, when it was
> sent to the mailform cgi on the server, and that could have been avoided
> by generating a mail uri that would have launched the default mail
> application on the client computer and populate the message text.
>
> The same can be done with a javascript cookie, although the cookie in
> that case does get sent to the server the server just discards it, but
> the javascript in different pages from the same host (again security
> constraints apply) on the client can read and write the cookie and use it
> to pass data values between themselves.
>
which is a rather different matter: for that data to make any difference
TO the server it has to be passed TO the server in some way.
Unless you are going to send some javascript code whose action is
modified by the variables, in which case its scarcely a (server side)
PHP issue at all.
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179988 is a reply to message #179985] |
Tue, 25 December 2012 01:23 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/24/2012 5:26 PM, Denis McMahon wrote:
> On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
>
>> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>>
>>>> On 12/24/2012 4:30 AM, Andy wrote:
>>>> >> well exactly. There are only three ways to keep track of a browser
>>>> >> state between pages: cookie, GET or POST.
>>>> >
>>>> > In the words of Yoda "There is another"...
>>>> >
>>>> > You guys won't like it but I thought it worth mentioning that you can
>>>> > also use a hidden frame and store any variable to be passed back to
>>>> > the next content page.
>>>
>>>> Which still comes back in the GET or POST values, as applicable.
>>>
>>> I think Andy is suggesting a client side method that uses javascript to
>>> store a variable in a higher level frame between page loads. This could
>>> be used to pass data between the javascript code running in two pages
>>> on a client without passing the data through the server.
>>>
>>> It's a similar approach to using js to create a cookie on the client
>>> side that can be read by js in another page on the client side, to pass
>>> data between pages on the client side without relying on the server.
>>>
>>> However, as we already agreed (I think), until we have more information
>>> about what the OP actually wants to do, and specifically whether he's
>>> trying to pass state information between pages on the client or on the
>>> server, it's a bit pointless debating the ins and outs of the various
>>> possible methods.
>
>> But it's still passed back to the server via POST or GET. All he's
>> suggesting is a different way of storing it on the client (i.e. instead
>> of a hidden field in a form).
>
> No, he's suggesting a way to pass data from a client side script running
> in one page on the client to a client page script running in another page
> on the client *without* going back through the server at all.
>
> Scenario:
>
> A frameset has javascript methods set( param, value ) and get(param)
>
> Any pages loaded into a subframe of that frameset, from the same host (xss
> restrictions will apply if the page is from a different host) can call
> the set and get methods in the parent frameset to store / retrieve values
> that will never be passed through the server.
>
> I once wrote a shopping catalogue that ran 100% in client side javascript
> doing this, for someone who was running on a hosting provider that only
> made a basic mailform cgi available. Customers could browse the
> catalogue, pick out their goods, and then mail their shopping list to the
> company using the mailform cgi.
>
> The (mom & pop) company would then contact the customer, confirm the
> requirement, put it on their van and deliver it, collecting payment when
> they delivered.
>
> The only time that any "data" apart from plain page requests got sent to
> the server was after the complete order had been assembled, when it was
> sent to the mailform cgi on the server, and that could have been avoided
> by generating a mail uri that would have launched the default mail
> application on the client computer and populate the message text.
>
> The same can be done with a javascript cookie, although the cookie in
> that case does get sent to the server the server just discards it, but
> the javascript in different pages from the same host (again security
> constraints apply) on the client can read and write the cookie and use it
> to pass data values between themselves.
>
Which is just another way of storing data on the client. It doesn't do
a bit of good getting data back to the server so PHP can act on it - cgi
or otherwise.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179989 is a reply to message #179986] |
Tue, 25 December 2012 01:25 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/24/2012 6:25 PM, The Natural Philosopher wrote:
> On 24/12/12 21:36, J.O. Aho wrote:
>> On 24/12/12 16:43, Adrian Tuddenham wrote:
>>> Scott Johnson <noonehome(at)chalupasworld(dot)com> wrote:
>>
>>>> As Jerry mentioned, you still have to use one of the 3 methods. POST,
>>>> GET, COOKIE.
>>>>
>>>> If you use a frame, invisible or not, once you resend the header to
>>>> load
>>>> another page, from the root page or frame (does not matter), you still
>>>> have to send variables as mentioned above.
>>>
>>> Presumably there is nothing to stop you writing the variable to a file
>>> and then reading it back on the next page?
>>
>> If you want to store the data, you need to send it to the server with
>> help of GET/POST/PUT, Andy was suggesting that he could store values
>> without sending the data to the server, this could be done in a way with
>> javascript, but the server wouldn't be able to act on the data and you
>> need to make it somewhat crafty design which is easily broken by the
>> user.
>>
>>
>>> The only problem, with a busy website, would be identifying whether the
>>> same user is requesting that variable as the one who wrote it.
>>
>> This is why you use sessions, the session cookie can of course be
>> hijacked, but it will keep track of who is associated with what data.
>>
>>
>>> Could
>>> that be taken care of by storing an array in the file and associating
>>> each variable with each user's IP number? As long as the IP number
>>> didn't change during a session, this would select the wanted variable
>>> for that user.
>>
>> You could do that, but you would get issues when you have more than one
>> user from the same ip or a user who change ip during the visit at the
>> site. I would say the solution is a big step backwards compared to
>> sessions.
>>
> well cookies, anyway. I didn't find sessions gave me anything using was
> cookies didn't.
>
> The POST method is good but wont survive a browser shutdown. Most
> browsers store cookies on the local hard drive.
>
>
>
>
It gives you SECURITY as the data is not sent to the client - only the
session id is. But then noobs don't know (or care) about security.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179990 is a reply to message #179985] |
Tue, 25 December 2012 10:03 |
Andy
Messages: 8
Registered: March 2002
Karma: 0
|
Junior Member |
|
|
"Denis McMahon" <denismfmcmahon(at)gmail(dot)com> wrote in message
news:kbakra$lmv$1(at)dont-email(dot)me...
> On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
>
>> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>>
>>>> On 12/24/2012 4:30 AM, Andy wrote:
>>>> >> well exactly. There are only three ways to keep track of a browser
>>>> >> state between pages: cookie, GET or POST.
>>>> >
>>>> > In the words of Yoda "There is another"...
>>>> >
>>>> > You guys won't like it but I thought it worth mentioning that you can
>>>> > also use a hidden frame and store any variable to be passed back to
>>>> > the next content page.
>>>
>>>> Which still comes back in the GET or POST values, as applicable.
>>>
>>> I think Andy is suggesting a client side method that uses javascript to
>>> store a variable in a higher level frame between page loads. This could
>>> be used to pass data between the javascript code running in two pages
>>> on a client without passing the data through the server.
>>>
>>> It's a similar approach to using js to create a cookie on the client
>>> side that can be read by js in another page on the client side, to pass
>>> data between pages on the client side without relying on the server.
>>>
>>> However, as we already agreed (I think), until we have more information
>>> about what the OP actually wants to do, and specifically whether he's
>>> trying to pass state information between pages on the client or on the
>>> server, it's a bit pointless debating the ins and outs of the various
>>> possible methods.
>
>> But it's still passed back to the server via POST or GET. All he's
>> suggesting is a different way of storing it on the client (i.e. instead
>> of a hidden field in a form).
>
> No, he's suggesting a way to pass data from a client side script running
> in one page on the client to a client page script running in another page
> on the client *without* going back through the server at all.
>
> Scenario:
>
> A frameset has javascript methods set( param, value ) and get(param)
>
> Any pages loaded into a subframe of that frameset, from the same host (xss
> restrictions will apply if the page is from a different host) can call
> the set and get methods in the parent frameset to store / retrieve values
> that will never be passed through the server.
>
> I once wrote a shopping catalogue that ran 100% in client side javascript
> doing this, for someone who was running on a hosting provider that only
> made a basic mailform cgi available. Customers could browse the
> catalogue, pick out their goods, and then mail their shopping list to the
> company using the mailform cgi.
>
> The (mom & pop) company would then contact the customer, confirm the
> requirement, put it on their van and deliver it, collecting payment when
> they delivered.
>
> The only time that any "data" apart from plain page requests got sent to
> the server was after the complete order had been assembled, when it was
> sent to the mailform cgi on the server, and that could have been avoided
> by generating a mail uri that would have launched the default mail
> application on the client computer and populate the message text.
>
> The same can be done with a javascript cookie, although the cookie in
> that case does get sent to the server the server just discards it, but
> the javascript in different pages from the same host (again security
> constraints apply) on the client can read and write the cookie and use it
> to pass data values between themselves.
>
> --
> Denis McMahon, denismfmcmahon(at)gmail(dot)com
Hi,
Dennis is correct.
In fact, I too use this frame method in an ecommerce site so that if the
customer browses back to the shopping cart after filling in some/all details
on the checkout page, the information is restored when they decide to
proceed to the checkout.
No data is sent to the server other than fetching the checkout page and no
data is stored on the client's computer. The information is stored in the
'header' frame as javascript variables and recalled by the checkout page
loaded into the 'content' frame...
onBlur="parent.HEADING.mydetails_firstname=mydetails_firstname.value;
if (parent.HEADING.mydetails_firstname!=''){
document.getElementById('mydetails_firstname').value=parent.HEADING.mydetai ls_firstname;
}
If you want to see it in action, visit the following link which will land on
the shopping cart page with a product (a PC) already added to your order...
https://www.microbuild.com/microbuild/catalog/shopping_cart.php?action=buy_ now&products_id=181
.... Then click the 'Place Order' button to take you to the checkout page and
fill in any test information you like. Click the 'Back to My Order' button
to return to the shopping cart and then click the 'Place Order' button again
to return to the checkout page. You'll see that any information you entered
previously has been magically preserved :)
Andy
Ps Merry Christmas everyone.
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179991 is a reply to message #179990] |
Tue, 25 December 2012 10:31 |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 25/12/12 10:03, Andy wrote:
>
>
> "Denis McMahon" <denismfmcmahon(at)gmail(dot)com> wrote in message
> news:kbakra$lmv$1(at)dont-email(dot)me...
>> On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
>>
>>> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>>>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>>>
>>>> > On 12/24/2012 4:30 AM, Andy wrote:
>>>> >>> well exactly. There are only three ways to keep track of a browser
>>>> >>> state between pages: cookie, GET or POST.
>>>> >>
>>>> >> In the words of Yoda "There is another"...
>>>> >>
>>>> >> You guys won't like it but I thought it worth mentioning that you can
>>>> >> also use a hidden frame and store any variable to be passed back to
>>>> >> the next content page.
>>>>
>>>> > Which still comes back in the GET or POST values, as applicable.
>>>>
>>>> I think Andy is suggesting a client side method that uses javascript to
>>>> store a variable in a higher level frame between page loads. This could
>>>> be used to pass data between the javascript code running in two pages
>>>> on a client without passing the data through the server.
>>>>
>>>> It's a similar approach to using js to create a cookie on the client
>>>> side that can be read by js in another page on the client side, to pass
>>>> data between pages on the client side without relying on the server.
>>>>
>>>> However, as we already agreed (I think), until we have more information
>>>> about what the OP actually wants to do, and specifically whether he's
>>>> trying to pass state information between pages on the client or on the
>>>> server, it's a bit pointless debating the ins and outs of the various
>>>> possible methods.
>>
>>> But it's still passed back to the server via POST or GET. All he's
>>> suggesting is a different way of storing it on the client (i.e. instead
>>> of a hidden field in a form).
>>
>> No, he's suggesting a way to pass data from a client side script running
>> in one page on the client to a client page script running in another page
>> on the client *without* going back through the server at all.
>>
>> Scenario:
>>
>> A frameset has javascript methods set( param, value ) and get(param)
>>
>> Any pages loaded into a subframe of that frameset, from the same host
>> (xss
>> restrictions will apply if the page is from a different host) can call
>> the set and get methods in the parent frameset to store / retrieve values
>> that will never be passed through the server.
>>
>> I once wrote a shopping catalogue that ran 100% in client side javascript
>> doing this, for someone who was running on a hosting provider that only
>> made a basic mailform cgi available. Customers could browse the
>> catalogue, pick out their goods, and then mail their shopping list to the
>> company using the mailform cgi.
>>
>> The (mom & pop) company would then contact the customer, confirm the
>> requirement, put it on their van and deliver it, collecting payment when
>> they delivered.
>>
>> The only time that any "data" apart from plain page requests got sent to
>> the server was after the complete order had been assembled, when it was
>> sent to the mailform cgi on the server, and that could have been avoided
>> by generating a mail uri that would have launched the default mail
>> application on the client computer and populate the message text.
>>
>> The same can be done with a javascript cookie, although the cookie in
>> that case does get sent to the server the server just discards it, but
>> the javascript in different pages from the same host (again security
>> constraints apply) on the client can read and write the cookie and use it
>> to pass data values between themselves.
>>
>> --
>> Denis McMahon, denismfmcmahon(at)gmail(dot)com
>
> Hi,
>
> Dennis is correct.
>
> In fact, I too use this frame method in an ecommerce site so that if the
> customer browses back to the shopping cart after filling in some/all
> details on the checkout page, the information is restored when they
> decide to proceed to the checkout.
>
> No data is sent to the server other than fetching the checkout page and
> no data is stored on the client's computer. The information is stored in
> the 'header' frame as javascript variables and recalled by the checkout
> page loaded into the 'content' frame...
>
> onBlur="parent.HEADING.mydetails_firstname=mydetails_firstname.value;
>
> if (parent.HEADING.mydetails_firstname!=''){
> document.getElementById('mydetails_firstname').value=parent.HEADING.mydetai ls_firstname;
>
> }
>
> If you want to see it in action, visit the following link which will
> land on the shopping cart page with a product (a PC) already added to
> your order...
>
> https://www.microbuild.com/microbuild/catalog/shopping_cart.php?action=buy_ now&products_id=181
>
>
> ... Then click the 'Place Order' button to take you to the checkout page
> and fill in any test information you like. Click the 'Back to My Order'
> button to return to the shopping cart and then click the 'Place Order'
> button again to return to the checkout page. You'll see that any
> information you entered previously has been magically preserved :)
>
But not if you switch off the client computer. Or stop and restart its
browser. Which cookies WILL cater for.
> Andy
>
> Ps Merry Christmas everyone.
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179992 is a reply to message #179990] |
Tue, 25 December 2012 12:10 |
J.O. Aho
Messages: 194
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 25/12/12 11:03, Andy wrote:
> In fact, I too use this frame method in an ecommerce site so that if the
> customer browses back to the shopping cart after filling in some/all
> details on the checkout page, the information is restored when they
> decide to proceed to the checkout.
Works as long as someone don't go directly the the page, then there is
no frame to store the data to. I would call this a quite unstable
solution which depends on quite many assumptions about the user.
--
//Aho
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179993 is a reply to message #179988] |
Tue, 25 December 2012 12:21 |
Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>> No, he's suggesting a way to pass data from a client side script
>> running in one page on the client to a client page script running in
>> another page on the client *without* going back through the server at
>> all.
> Which is just another way of storing data on the client. It doesn't do
> a bit of good getting data back to the server so PHP can act on it - cgi
> or otherwise.
Sometimes all you want to do is pass data from javascript running in one
client page to javascript running in another client page, and sometimes
you want to do this in a hosting environment that doesn't support any for
of server side scripting.
Which is why we need more detail about what the OP is trying to do before
we try and give him solutions, because we're all making assumptions about
his requirement based on incomplete data. I could assume that he's
talking about passing data between php scripts on the server, in which
case session / post / get are the obvious methods, but then I start
wondering why doesn't he want to use the obvious methods? Are they not
available to him? If they're not, then perhaps he's not scripting server
side, and so perhaps what he's trying to do, although he's asking both in
the wrong place and in a very ambiguously worded way, is to pass values
between two client side scripts.
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179994 is a reply to message #179992] |
Tue, 25 December 2012 13:23 |
Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Tue, 25 Dec 2012 13:10:33 +0100, J.O. Aho wrote:
> On 25/12/12 11:03, Andy wrote:
>
>> In fact, I too use this frame method in an ecommerce site so that if
>> the customer browses back to the shopping cart after filling in
>> some/all details on the checkout page, the information is restored when
>> they decide to proceed to the checkout.
>
> Works as long as someone don't go directly the the page, then there is
> no frame to store the data to. I would call this a quite unstable
> solution which depends on quite many assumptions about the user.
You test for the expected parent frame in the javascript, and if it's not
there, load it by with window.location.replace("<parent_frame_url>");
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179995 is a reply to message #179993] |
Tue, 25 December 2012 13:41 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 7:21 AM, Denis McMahon wrote:
> On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
>
>> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>
>>> No, he's suggesting a way to pass data from a client side script
>>> running in one page on the client to a client page script running in
>>> another page on the client *without* going back through the server at
>>> all.
>
>> Which is just another way of storing data on the client. It doesn't do
>> a bit of good getting data back to the server so PHP can act on it - cgi
>> or otherwise.
>
> Sometimes all you want to do is pass data from javascript running in one
> client page to javascript running in another client page, and sometimes
> you want to do this in a hosting environment that doesn't support any for
> of server side scripting.
>
If that's what he's wanting, why would he be asking in a PHP newsgroup?
> Which is why we need more detail about what the OP is trying to do before
> we try and give him solutions, because we're all making assumptions about
> his requirement based on incomplete data. I could assume that he's
> talking about passing data between php scripts on the server, in which
> case session / post / get are the obvious methods, but then I start
> wondering why doesn't he want to use the obvious methods? Are they not
> available to him? If they're not, then perhaps he's not scripting server
> side, and so perhaps what he's trying to do, although he's asking both in
> the wrong place and in a very ambiguously worded way, is to pass values
> between two client side scripts.
>
No, you're making assumptions that he wants to do something he never
asked for, and is off topic in this newsgroup.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179996 is a reply to message #179990] |
Tue, 25 December 2012 13:42 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 5:03 AM, Andy wrote:
>
>
> "Denis McMahon" <denismfmcmahon(at)gmail(dot)com> wrote in message
> news:kbakra$lmv$1(at)dont-email(dot)me...
>> On Mon, 24 Dec 2012 13:56:17 -0500, Jerry Stuckle wrote:
>>
>>> On 12/24/2012 11:40 AM, Denis McMahon wrote:
>>>> On Mon, 24 Dec 2012 08:30:45 -0500, Jerry Stuckle wrote:
>>>>
>>>> > On 12/24/2012 4:30 AM, Andy wrote:
>>>> >>> well exactly. There are only three ways to keep track of a browser
>>>> >>> state between pages: cookie, GET or POST.
>>>> >>
>>>> >> In the words of Yoda "There is another"...
>>>> >>
>>>> >> You guys won't like it but I thought it worth mentioning that you can
>>>> >> also use a hidden frame and store any variable to be passed back to
>>>> >> the next content page.
>>>>
>>>> > Which still comes back in the GET or POST values, as applicable.
>>>>
>>>> I think Andy is suggesting a client side method that uses javascript to
>>>> store a variable in a higher level frame between page loads. This could
>>>> be used to pass data between the javascript code running in two pages
>>>> on a client without passing the data through the server.
>>>>
>>>> It's a similar approach to using js to create a cookie on the client
>>>> side that can be read by js in another page on the client side, to pass
>>>> data between pages on the client side without relying on the server.
>>>>
>>>> However, as we already agreed (I think), until we have more information
>>>> about what the OP actually wants to do, and specifically whether he's
>>>> trying to pass state information between pages on the client or on the
>>>> server, it's a bit pointless debating the ins and outs of the various
>>>> possible methods.
>>
>>> But it's still passed back to the server via POST or GET. All he's
>>> suggesting is a different way of storing it on the client (i.e. instead
>>> of a hidden field in a form).
>>
>> No, he's suggesting a way to pass data from a client side script running
>> in one page on the client to a client page script running in another page
>> on the client *without* going back through the server at all.
>>
>> Scenario:
>>
>> A frameset has javascript methods set( param, value ) and get(param)
>>
>> Any pages loaded into a subframe of that frameset, from the same host
>> (xss
>> restrictions will apply if the page is from a different host) can call
>> the set and get methods in the parent frameset to store / retrieve values
>> that will never be passed through the server.
>>
>> I once wrote a shopping catalogue that ran 100% in client side javascript
>> doing this, for someone who was running on a hosting provider that only
>> made a basic mailform cgi available. Customers could browse the
>> catalogue, pick out their goods, and then mail their shopping list to the
>> company using the mailform cgi.
>>
>> The (mom & pop) company would then contact the customer, confirm the
>> requirement, put it on their van and deliver it, collecting payment when
>> they delivered.
>>
>> The only time that any "data" apart from plain page requests got sent to
>> the server was after the complete order had been assembled, when it was
>> sent to the mailform cgi on the server, and that could have been avoided
>> by generating a mail uri that would have launched the default mail
>> application on the client computer and populate the message text.
>>
>> The same can be done with a javascript cookie, although the cookie in
>> that case does get sent to the server the server just discards it, but
>> the javascript in different pages from the same host (again security
>> constraints apply) on the client can read and write the cookie and use it
>> to pass data values between themselves.
>>
>> --
>> Denis McMahon, denismfmcmahon(at)gmail(dot)com
>
> Hi,
>
> Dennis is correct.
>
> In fact, I too use this frame method in an ecommerce site so that if the
> customer browses back to the shopping cart after filling in some/all
> details on the checkout page, the information is restored when they
> decide to proceed to the checkout.
>
> No data is sent to the server other than fetching the checkout page and
> no data is stored on the client's computer. The information is stored in
> the 'header' frame as javascript variables and recalled by the checkout
> page loaded into the 'content' frame...
>
> onBlur="parent.HEADING.mydetails_firstname=mydetails_firstname.value;
>
> if (parent.HEADING.mydetails_firstname!=''){
> document.getElementById('mydetails_firstname').value=parent.HEADING.mydetai ls_firstname;
>
> }
>
> If you want to see it in action, visit the following link which will
> land on the shopping cart page with a product (a PC) already added to
> your order...
>
> https://www.microbuild.com/microbuild/catalog/shopping_cart.php?action=buy_ now&products_id=181
>
>
> ... Then click the 'Place Order' button to take you to the checkout page
> and fill in any test information you like. Click the 'Back to My Order'
> button to return to the shopping cart and then click the 'Place Order'
> button again to return to the checkout page. You'll see that any
> information you entered previously has been magically preserved :)
>
> Andy
>
> Ps Merry Christmas everyone.
So? PHP doesn't run on the client. The fact he's asking here means he
wants something which can be handled by PHP.
So take your javascript crap someplace else. It has no business here.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179997 is a reply to message #179992] |
Tue, 25 December 2012 13:44 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 7:10 AM, J.O. Aho wrote:
> On 25/12/12 11:03, Andy wrote:
>
>> In fact, I too use this frame method in an ecommerce site so that if the
>> customer browses back to the shopping cart after filling in some/all
>> details on the checkout page, the information is restored when they
>> decide to proceed to the checkout.
>
> Works as long as someone don't go directly the the page, then there is
> no frame to store the data to. I would call this a quite unstable
> solution which depends on quite many assumptions about the user.
>
>
It is, J.O. Overly complicated and full of all kinds of potential
problems. Plus it has nothing to do with PHP, and is off topic here.
Some people just can't understand simple concepts like newsgroup topics.
They also are so entranced with their "solution" they can't see the
problems it can cause.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #179998 is a reply to message #179994] |
Tue, 25 December 2012 15:08 |
J.O. Aho
Messages: 194
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 25/12/12 14:23, Denis McMahon wrote:
> On Tue, 25 Dec 2012 13:10:33 +0100, J.O. Aho wrote:
>
>> On 25/12/12 11:03, Andy wrote:
>>
>>> In fact, I too use this frame method in an ecommerce site so that if
>>> the customer browses back to the shopping cart after filling in
>>> some/all details on the checkout page, the information is restored when
>>> they decide to proceed to the checkout.
>>
>> Works as long as someone don't go directly the the page, then there is
>> no frame to store the data to. I would call this a quite unstable
>> solution which depends on quite many assumptions about the user.
>
> You test for the expected parent frame in the javascript, and if it's not
> there, load it by with window.location.replace("<parent_frame_url>");
And you lost the connection with things they may have been doing already
in another frame setup in another window/tab.
--
//Aho
|
|
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180000 is a reply to message #179993] |
Tue, 25 December 2012 16:14 |
Peter H. Coffin
Messages: 245
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Tue, 25 Dec 2012 12:21:18 +0000 (UTC), Denis McMahon wrote:
> On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
>
>> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>
>>> No, he's suggesting a way to pass data from a client side script
>>> running in one page on the client to a client page script running in
>>> another page on the client *without* going back through the server at
>>> all.
>
>> Which is just another way of storing data on the client. It doesn't do
>> a bit of good getting data back to the server so PHP can act on it - cgi
>> or otherwise.
>
> Sometimes all you want to do is pass data from javascript running in one
> client page to javascript running in another client page, and sometimes
> you want to do this in a hosting environment that doesn't support any for
> of server side scripting.
So tell me how this works in PHP please?
This being comp.lang.php and all...
--
Lisa: There's going to be sex, drugs, rock'n'roll. Chips, dips,
chains, whips.
-- "Weird Science"
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180001 is a reply to message #179999] |
Tue, 25 December 2012 16:40 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 10:20 AM, Biju S wrote:
> On Saturday, December 22, 2012 1:18:53 AM UTC-8, Biju S wrote:
>> Pass varible to One page to other page ....
>>
>> With out Url varible and session ....
>>
>> any way
>
> Thaks all for reply
>
I'm still wondering what you're trying to do and why you don't want to
use the $_SESSION array.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180002 is a reply to message #180000] |
Tue, 25 December 2012 19:25 |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 25/12/12 16:14, Peter H. Coffin wrote:
> On Tue, 25 Dec 2012 12:21:18 +0000 (UTC), Denis McMahon wrote:
>> On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
>>
>>> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>>
>>>> No, he's suggesting a way to pass data from a client side script
>>>> running in one page on the client to a client page script running in
>>>> another page on the client *without* going back through the server at
>>>> all.
>>
>>> Which is just another way of storing data on the client. It doesn't do
>>> a bit of good getting data back to the server so PHP can act on it - cgi
>>> or otherwise.
>>
>> Sometimes all you want to do is pass data from javascript running in one
>> client page to javascript running in another client page, and sometimes
>> you want to do this in a hosting environment that doesn't support any for
>> of server side scripting.
>
> So tell me how this works in PHP please?
>
> This being comp.lang.php and all...
>
You send all the customers' data to the browser and let JavaScript sort
out which details apply to this particular browser?
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180003 is a reply to message #180000] |
Wed, 26 December 2012 01:21 |
Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Tue, 25 Dec 2012 10:14:47 -0600, Peter H. Coffin wrote:
> On Tue, 25 Dec 2012 12:21:18 +0000 (UTC), Denis McMahon wrote:
>> On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
>>
>>> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>>
>>>> No, he's suggesting a way to pass data from a client side script
>>>> running in one page on the client to a client page script running in
>>>> another page on the client *without* going back through the server at
>>>> all.
>>
>>> Which is just another way of storing data on the client. It doesn't
>>> do a bit of good getting data back to the server so PHP can act on it
>>> - cgi or otherwise.
>>
>> Sometimes all you want to do is pass data from javascript running in
>> one client page to javascript running in another client page, and
>> sometimes you want to do this in a hosting environment that doesn't
>> support any for of server side scripting.
>
> So tell me how this works in PHP please?
>
> This being comp.lang.php and all...
It doesn't :)
But the fact this is a php group never seems to stop people asking about
non php things here.
Which is why right at the start I suggested that if this is what he was
trying to do, he should be using a javascript forum and not a php one.
Which would have been the end of the matter, if it hadn't been for a few
people who insisted that what I had suggested, and pointed him to a
javascript forum for information about, as a mechanism for passing data
between pages on the client side, was either impossible (it's not) or
needed server side scripting of some sort (it doesn't). ;)
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180004 is a reply to message #180003] |
Wed, 26 December 2012 01:36 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 8:21 PM, Denis McMahon wrote:
> On Tue, 25 Dec 2012 10:14:47 -0600, Peter H. Coffin wrote:
>
>> On Tue, 25 Dec 2012 12:21:18 +0000 (UTC), Denis McMahon wrote:
>>> On Mon, 24 Dec 2012 20:23:49 -0500, Jerry Stuckle wrote:
>>>
>>>> On 12/24/2012 5:26 PM, Denis McMahon wrote:
>>>
>>>> > No, he's suggesting a way to pass data from a client side script
>>>> > running in one page on the client to a client page script running in
>>>> > another page on the client *without* going back through the server at
>>>> > all.
>>>
>>>> Which is just another way of storing data on the client. It doesn't
>>>> do a bit of good getting data back to the server so PHP can act on it
>>>> - cgi or otherwise.
>>>
>>> Sometimes all you want to do is pass data from javascript running in
>>> one client page to javascript running in another client page, and
>>> sometimes you want to do this in a hosting environment that doesn't
>>> support any for of server side scripting.
>>
>> So tell me how this works in PHP please?
>>
>> This being comp.lang.php and all...
>
> It doesn't :)
>
> But the fact this is a php group never seems to stop people asking about
> non php things here.
>
> Which is why right at the start I suggested that if this is what he was
> trying to do, he should be using a javascript forum and not a php one.
>
> Which would have been the end of the matter, if it hadn't been for a few
> people who insisted that what I had suggested, and pointed him to a
> javascript forum for information about, as a mechanism for passing data
> between pages on the client side, was either impossible (it's not) or
> needed server side scripting of some sort (it doesn't). ;)
>
But the OP never asked about passing data between pages. So your
"answer" was completely off-topic - both in this newsgroup and to the OP.
You just can't seem to understand that...
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180006 is a reply to message #180004] |
Wed, 26 December 2012 02:21 |
Denis McMahon
Messages: 634
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On Tue, 25 Dec 2012 20:36:40 -0500, Jerry Stuckle wrote:
> But the OP never asked about passing data between pages. So your
> "answer" was completely off-topic - both in this newsgroup and to the
> OP.
Passing data between pages is *exactly* what he asked about!
> Pass varible to One page to other page ....
> With out Url varible and session ....
> any way
I parsed his post as:
"Is there any way to pass a variable from one page to another page
without using server side php session data or embedding the variable in a
url as a fieldname=value pair?"
You seem to assume that because he's asking in a php newsgroup, he must
be talking in a php context.
I am more liberal in interpreting his question, and allow for the fact
that even though he's asking in a php group, he may be trying to do
something that's outside the scope of php, and in case he is, suggest
that if so, he look somewhere else that's more appropriate.
Experience has taught me that many people come to this group with non php
queries (including html, javascript, sql, xml, css etc), which is why I
apply a liberal interpretation of all questions asked of this ng.
--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180008 is a reply to message #180006] |
Wed, 26 December 2012 02:47 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 12/25/2012 9:21 PM, Denis McMahon wrote:
> On Tue, 25 Dec 2012 20:36:40 -0500, Jerry Stuckle wrote:
>
>> But the OP never asked about passing data between pages. So your
>> "answer" was completely off-topic - both in this newsgroup and to the
>> OP.
>
> Passing data between pages is *exactly* what he asked about!
>
>> Pass varible to One page to other page ....
>> With out Url varible and session ....
>> any way
>
> I parsed his post as:
>
> "Is there any way to pass a variable from one page to another page
> without using server side php session data or embedding the variable in a
> url as a fieldname=value pair?"
>
> You seem to assume that because he's asking in a php newsgroup, he must
> be talking in a php context.
>
> I am more liberal in interpreting his question, and allow for the fact
> that even though he's asking in a php group, he may be trying to do
> something that's outside the scope of php, and in case he is, suggest
> that if so, he look somewhere else that's more appropriate.
>
> Experience has taught me that many people come to this group with non php
> queries (including html, javascript, sql, xml, css etc), which is why I
> apply a liberal interpretation of all questions asked of this ng.
>
Not in a PHP newsgroup. And, as pointed out by others, there are
numerous problems with your "solution".
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Pass varible with out URL and SESSION [message #180024 is a reply to message #179992] |
Thu, 27 December 2012 09:22 |
Andy
Messages: 8
Registered: March 2002
Karma: 0
|
Junior Member |
|
|
"J.O. Aho" <user(at)example(dot)net> wrote in message
news:ajtjdpF4rinU1(at)mid(dot)individual(dot)net...
> On 25/12/12 11:03, Andy wrote:
>
>> In fact, I too use this frame method in an ecommerce site so that if the
>> customer browses back to the shopping cart after filling in some/all
>> details on the checkout page, the information is restored when they
>> decide to proceed to the checkout.
>
> Works as long as someone don't go directly the the page, then there is no
> frame to store the data to. I would call this a quite unstable solution
> which depends on quite many assumptions about the user.
>
>
> --
>
> //Aho
>
>
Incorrect, the link I gave as an example was a direct link. I just use a bit
of javascript to reconstruct the frameset. In fact, that page uses 13
frames!
Andy
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]