Web Analytics Made Easy -
StatCounter Best way to transfer variables from page to page? - CodingForum

Announcement

Collapse
No announcement yet.

Best way to transfer variables from page to page?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Best way to transfer variables from page to page?

    So in my text RPG project I decided to use PHP so I could keep track of certain decisions players made in the intro throughout the entire game. I have already received help on how to use PHP and am now more familiar with the script. So I want to be able to keep variables accessible throughout multiple pages. These variables are retrieved from a form using the $_GET method. I noticed that it basically declares the variable in the next .php page url.

    So it works for one page lat's say I want to have the variable $name appear in this string "Hello $name !". It works for one page. But after the next page I haven't been able to find out how to keep grabbing the variables and taking them to the next page.

    My first idea was to run a PHP script in the beginning of the document just a bunch of $_GET commands. Maybe this will work and my syntax is wrong.
    Code:
    <!Doctype html>
    <html lang="en-US">
        <head>
            <title>Text RPG</title>
            <link rel="stylesheet" type="text/css" href="style1.css">
        </head>
        <body>
          [B]  <?php $_GET["name"]; ?>[/B]
            <div class="header">
                <h1>Miriam's Quest</h1>
            </div>
            <div class="nav">
                <p><a href="home.php">Back to Start</a></p>
            </div>
            <div class="content">
                <h2>Wonderful!</h2>
                <h4>What object is the most important to you?</h4>
                <form action="fork.php" method="get">
                    <button class="button" name="class" value="0.1">A Prayer Book</button>
                    <button class="button" name="class" value="0.2">Your Faithful Dog</button>
                    <button class="button" name="class" value="0.3">A Steel Dagger</button>
                    <button class="button" name="class" value="0.4">A Handcrafted Leather Shield</button>
                    <button class="button" name="class" value="0.5">A Rare Coin</button>
                    <button class="button" name="class" value="0.6">Your Father's Helm</button>
                </form>
               [B] <?php echo $name; ?>[/B]
            </div>
             <div class="footer">
                <p>
                    <a href="https://trello.com/b/nbYOInnL/text-rpg-website#">Trello</a>
                    |
                    <a href="mailto:[email protected]">Contact Author</a>
                </p>
            </div>
        </body>
    </html>
    The Echo command was just to test if I had the variable (which I didn't).
    This (below) is the source of the name form.
    Code:
    <!Doctype html>
    <html lang="en-US">
        <head>
            <title>Miriam's Quest</title>
            <link rel="stylesheet" type="text/css" href="style1.css">
            <meta charset="utf-8">
        </head>
        <body>
            <div class="header">
                <h1>Miriam's Quest</h1>
            </div>
            <div class="nav">
                <p><a href="home.php">Back to Start</a></p>
            </div>
            <div class="content">
                <h2>Welcome to Miriam's Quest!</h2>
                <h4>To begin, insert your name below!</h4>
                [B]<form action="job.php" method="get">
                    <input type="text" name="name" class="text">
                    <input type="submit" value="Continue" class="small_button">
                </form>[/B]
            </div>
            <div class="footer">
                <p>
                    <a href="https://trello.com/b/nbYOInnL/text-rpg-website#">Trello</a>
                    |
                    <a href="mailto:[email protected]">Contact Author</a>
                
                </p>
            </div>
        </body>
    </html>
    As you can see, this form collects the user's "name" and directs you to job.php. Then job.php has a form that collects your "job" (past occupation, for use in background story) and directs you to the first page. "Name" won't come up as a variable but it would in job.php.

    My other idea was that maybe I had to make an SQL database but I haven't done any research on SQL and have no idea how to incorporate it. Secondly, my goal is to make it a local process, that doesn't require you to login or anything.

    As I made my way through google $_SESSION and $_COOKIE came up alot. Maybe they are used for implementing this? Also, keep in mind that the variables are not needed to be secure so $_GET is perfectly fine over $_POST.

    If there was a way to run a script in the beginning of all of my pages that grabbed these variables and created them again on that page so I can use them for personalization of the story and IF/THEN commands.

    Thanks for the help, and remember I'm just a beginner to PHP.

  • #2
    Yup, you need to be looking to use sessions if you want to keep data on the server and use it between pages. That or the database that you have access to such as mysql (but you'll need to use mysqli - note the i - or pdo not the old fashioned mysql_ functions). Using a database is easy but can seem daunting at first so if you don't need to do anything complicated such as storing data permanently then just use sessions - but note that they expire after a while.
    "Tango says double quotes with a single ( ' ) quote in the middle"
    '$Name says single quotes with a double ( " ) quote in the middle'
    "Tango says double quotes ( \" ) must escape a double quote"
    '$Name single quotes ( \' ) must escape a single quote'

    Comment


    • #3
      Originally posted by olefalcon View Post
      Also, keep in mind that the variables are not needed to be secure so $_GET is perfectly fine over $_POST.
      Note that $_GET is more secure than $_POST so your comment doesn't make any sense - $_POST is less secure because it is updating something whereas $_GET is only used for retrieving. As far as someone being able to change the value both are equally insecure.
      Stephen
      Learn Modern JavaScript - http://javascriptexample.net/
      Helping others to solve their computer problem at http://www.felgall.com/

      Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

      Comment


      • #4
        Thanks for the help tangoforce! I am going to look into sessions and do some research.
        just use sessions - but note that they expire after a while.
        Yeah my idea is that your progress will only be saved during your browser session so we're good there.


        Note that $_GET is more secure than $_POST
        Ok felgall thanks for the heads-up! W3schools was telling me that $_POST was more secure than $_GET
        For my project however you won't gain anything by changing the values of of the variables. They are just to change the story.

        Comment


        • #5
          Not logging in to play seems like it might cause a situation where there is too much information to "remember". What happens if 5 people are playing at the same time? Without logging-in and using a database, none of them will be able to interact with each other. I sort of thought that was the point of an rpg.

          Comment


          • #6
            Originally posted by olefalcon View Post
            Yeah my idea is that your progress will only be saved during your browser session so we're good there.
            You misunderstand me, the default expiry time for sessions is 24 minutes if memory serves correctly - that means that regardless of the browser being open, 24 minutes later the session is destroyed automatically and all the data in it is gone.

            There are ways around it such as storing your session data in a database table but again you need to be familiar with using a database in order to start doing that.
            "Tango says double quotes with a single ( ' ) quote in the middle"
            '$Name says single quotes with a double ( " ) quote in the middle'
            "Tango says double quotes ( \" ) must escape a double quote"
            '$Name single quotes ( \' ) must escape a single quote'

            Comment


            • #7
              Originally posted by olefalcon View Post
              W3schools was telling me that $_POST was more secure than $_GET
              So they are helping spread the lie of security through obscurity with that statement. Just because you need to install an extension in your browser to be able to change $_POST variables but you can change $_GET values directly in the address bar doesn't make one more secure than the other as anyone wanting to change $_POST will have the extension installed.

              $_GET is used where no update is being performed (so the value returned can be cashed and used again if the same value is requested) whereas $_POST is used for performing server updates. Being able to change comething on the server is less secure than not being able to change anything hence using them for their proper purpose means $_GET is more secure.
              Stephen
              Learn Modern JavaScript - http://javascriptexample.net/
              Helping others to solve their computer problem at http://www.felgall.com/

              Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

              Comment


              • #8
                Without logging-in and using a database, none of them will be able to interact with each other. I sort of thought that was the point of an rpg.
                The game is going to be a simple text RPG, using a choose-your-own-adventure sort of style. My hope was that I could carry variables such as player names, and backstories to be implementable in the story.
                You misunderstand me, the default expiry time for sessions is 24 minutes if memory serves correctly - that means that regardless of the browser being open, 24 minutes later the session is destroyed automatically and all the data in it is gone.
                Ok so that kinda screws things. I might consider using a database but that will delay my progress as I'll have to get familiar with SQL. We'll see. I did think of another thing though. What if my action for my forms in the beginning included the variables in the url. I would just have to add a little section to all the PHP file url. It would look something like this
                class.php/?job=2
                fork.php/?name=jeff;job=2;class=0.4
                I have seen that work in some of my tests but not sure if it would be a consistent method. Really I only need 3 variables, two of which are just numbers.
                So they are helping spread the lie of security through obscurity with that statement. Just because you need to install an extension in your browser to be able to change $_POST variables but you can change $_GET values directly in the address bar doesn't make one more secure than the other as anyone wanting to change $_POST will have the extension installed.

                $_GET is used where no update is being performed (so the value returned can be cashed and used again if the same value is requested) whereas $_POST is used for performing server updates. Being able to change comething on the server is less secure than not being able to change anything hence using them for their proper purpose means $_GET is more secure.
                Ok that actually makes perfect sense, yes you can blame w3schools, their short and undescriptive definition of the methods were misleading.

                Comment


                • #9
                  Originally posted by tangoforce View Post
                  You misunderstand me, the default expiry time for sessions is 24 minutes if memory serves correctly - that means that regardless of the browser being open, 24 minutes later the session is destroyed automatically and all the data in it is gone.

                  There are ways around it such as storing your session data in a database table but again you need to be familiar with using a database in order to start doing that.
                  Storing the session data in a database doesn't do anything toward the session timeout, because it's still php handling what happens with the session. The solution to the default 24 minute session garbage collection time is to change the garbage collection time setting.
                  Finding out HOW to do something is called research, i.e. keep searching until you find the answer. After you attempt to do something and cannot solve a problem with it yourself, would be when you ask others for help.

                  Comment


                  • #10
                    How about using a simple plain text file for the "database"?

                    There are simple tutorials on reading and writing to a .txt file.

                    You could have many forks, branches, twists to the story. Each one is given a number. You write each one as a page or paragraph and save them as .txt files, example s3.txt, s4.txt, s5.txt, b2.txt, b3.txt ... whatever you want to call them. Figure out a good naming scheme.

                    To display them, you simply include them ...

                    <div class="story">
                    <?php include("b2.txt");?>
                    </div>

                    A person visiting the site enters their email address and you create a text file for that user.
                    Their email address is saved as a SESSION variable. That's all you need to know.

                    Let's say John Doe starts the game and enters his email address.
                    So you create a text file called: johndoe_aol_com.txt

                    This is the line written into that file ...
                    s1|

                    As john moves along, you add the forks and branches to his file. Use PHP to open the file and add or append the next rpg step.
                    s1|s2|b3|b4|b5|

                    ... or append the steps vertically by rows.

                    Use PHP to open the file at any time and determine where John is at. No matter what PHP page or script he is using, you always know who he is by the SESSION variable.

                    Doing it this way has all sorts of "security" issues, but you want to learn PHP and reading/writing to simple text files is a good way to start learning. Don't worry about security and hacking at this point. It's just an rpg, it's not an online banking site.

                    Find a PHP tutorial like this:
                    https://davidwalsh.name/basic-php-fi...d-close-delete
                    Last edited by mlseim; Sep 13, 2016, 09:31 PM.

                    Comment


                    • #11
                      Originally posted by CFMaBiSmAd View Post
                      Storing the session data in a database doesn't do anything toward the session timeout, because it's still php handling what happens with the session. The solution to the default 24 minute session garbage collection time is to change the garbage collection time setting.
                      I didn't provide tech details on it as it was a "possible" type of suggestion.

                      I am well aware of the limitation and workaround however with a custom session handler you can leave the garbage collection code blank and the session won't be deleted from the database (which is what i've done along with changing the default value).
                      "Tango says double quotes with a single ( ' ) quote in the middle"
                      '$Name says single quotes with a double ( " ) quote in the middle'
                      "Tango says double quotes ( \" ) must escape a double quote"
                      '$Name single quotes ( \' ) must escape a single quote'

                      Comment


                      • #12
                        Originally posted by mlseim View Post
                        How about using a simple plain text file for the "database"?

                        You could have many forks, branches, twists to the story. Each one is given a number. You write each one as a page or paragraph and save them as .txt files, example s3.txt, s4.txt, s5.txt, b2.txt, b3.txt ... whatever you want to call them. Figure out a good naming scheme.

                        To display them, you simply include them ...

                        <div class="story">
                        <?php include("b2.txt");?>
                        </div>

                        A person visiting the site enters their email address and you create a text file for that user.
                        Their email address is saved as a SESSION variable. That's all you need to know.

                        Use PHP to open the file at any time and determine where John is at. No matter what PHP page or script he is using, you always know who he is by the SESSION variable.

                        Doing it this way has all sorts of "security" issues, but you want to learn PHP and reading/writing to simple text files is a good way to start learning. Don't worry about security and hacking at this point. It's just an rpg, it's not an online banking site.

                        Find a PHP tutorial like this:
                        https://davidwalsh.name/basic-php-fi...d-close-delete
                        Wow this seems like an amazing idea! Thanks for the awesome help!

                        Comment


                        • #13
                          Originally posted by olefalcon View Post
                          Wow this seems like an amazing idea! Thanks for the awesome help!
                          No it's not, it's a terrible idea.

                          Not only is it insecure to store users data in files that can be seen via http, the disk input and output will almost cripple the server if you were to develop a site with a large user base. You could argue that a database would do too but that can be put on another machine and connected to remotely. Files that are constantly updated and served via http will be kept locally on the http hosting.

                          It's a bad idea. Either stick to sessions or learn to use a database. Flat files are a very bad idea.
                          "Tango says double quotes with a single ( ' ) quote in the middle"
                          '$Name says single quotes with a double ( " ) quote in the middle'
                          "Tango says double quotes ( \" ) must escape a double quote"
                          '$Name single quotes ( \' ) must escape a single quote'

                          Comment


                          • #14
                            Cmon, he's just learning PHP. Getting into PDO is a bit advanced for a beginner. There's nothing wrong with using flat files for a simple role playing game. If there ends-up being 1000 users, then it would be a terrible idea. For now, can't we get him started with PHP and provide some enthusiasm? Life is too short for worrying about security at the point where he is at. I'm trying to get him excited about PHP, not discourage him and scold him for using "insecure methods". He has to start somewhere.

                            Comment


                            • #15
                              Using a database is much simpler than updating individual files. I suggest that as a beginner they stick to using a database and learn how to process files later when they are more comfortable using PHP.
                              Stephen
                              Learn Modern JavaScript - http://javascriptexample.net/
                              Helping others to solve their computer problem at http://www.felgall.com/

                              Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

                              Comment

                              Working...
                              X