PHP HTML Multi-step Page with sessions

Question

I'm making a project to add information into database Mysql. Here is the deal we have to make 3 forms with sessions and provide a registration of and user by STEPS, and this sessions to keep the records and if I'm on step 2 I can roll back and edit something in step 1 or step 3. This should be done with sessions. I had make something and I want your help to advice me how can I continue. I will post my code to the moment.

I know the code is Lame, but I'm learning now. Thank you! This is the first step of my registration. How could I continue?

<?php
session_start();
// $_SESSION
$fname = '';
if (isset($_SESSION['user_fname']) && !empty($_SESSION['user_fname'])) {
  $fname = $_SESSION['user_fname'];
}
$connection = mysql_connect("localhost","root","");
if (!$connection) {
      die('Mysql Could not been established ' . mysql_error());
  }
  else{ 
        $db_name = "phplab_course_project";
        mysql_select_db($db_name, $connection);
        if(isset($_POST['submit'])){
            if($_POST['user_fname']!="" && $_POST['user_mname']!="" && $_POST['user_lname']!="" && $_POST['user_login']!="" && $_POST['user_email']!="" && $_POST['user_phone']!=""){
                $sql = "insert into users(user_fname, user_mname, user_lname, user_login, user_email, user_phone )
                values('".$_POST['user_fname']."', '".$_POST['user_mname']."', '".$_POST['user_lname']."', '".$_POST['user_login']."', '".$_POST['user_email']."', '".$_POST['user_phone']."');";
                mysql_query($sql, $connection);
                printf("The data is inserted id %d\n", mysql_insert_id());
            }
        }
  }
?> 
<html>
    <body>
        <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
            <table>
                <tr>
                Лични данни<br>
                    <br><td>Firstname*</td>
                    <td>
                        <input type="text" name="user_fname" value="<?php echo $fname;?>" required />
                    </td>
                    <td></td>
                </tr>
                <tr>
                    <td>Surname </td>
                    <td><input type="text" name="user_mname" /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Lastname* </td>
                    <td><input type="text" name="user_lname" required /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Username (login)* </td>
                    <td><input type="text" name="user_login" required /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Mail* </td>
                    <td><input type="text" name="user_email" required /></td>
                    <td></td>
                </tr>
                <tr>
                    <td>Phone </td>
                    <td><input type="text" name="user_phone" /></td>
                    <td></td>
                </tr>
                <tr>
                    <td></td>
                    <td><input type="submit" name='submit' value="Save"/></td>
                    <td></td>
                </tr>
            </table>        

        </form>
    </body>
</html>

Answer 1

Here are a few tips:

• Make a separate function or class method to process each stage separately. Have some way of tracking which stage data is being sent to you - for example, you could use a hidden input with value stage1, stage2, stage3 in each form. This way you'll be able to send the input to the corresponding function or class method.

• Store the information between the stages in the session only, and only insert in the database after all stages are complete and all fields have valid values

• Illustration of the upper two:

  form1 -> php script 1 -> save values in session -> redirect to form 2 -> php script 2 -> save to session -> redirect to form 3 -> php script 3 -> save to session -> save to database and show success message

• Put a check on all fields if they exist in the session like this:

  <input type="text" name="item" <?php if (isset($_SESSION['item']) echo 'value="' . htmlspecialchars($_SESSION['item'], ENT_QUOTES) . '"'; ?>/>

If you go back (hit the browser back button), the field values are saved by default, but if you go back by following a link or redirect, with this code PHP will take care of not losing the values.

• You can use flags to see in PHP which stage has been completed (i.e. if ([stage fields are filled and valid]) { $_SESSION['stage1'] = 'completed'; }, and if a stage isn't completed, you can redirect them back.

• If you've ever done online shopping, you can borrow some ideas of the way they handle the order processing (username/email -> address -> credit card info -> checkout). You could also go to Magento online demo store, order something and see exactly what's being done, although it's implemented with JavaScript (it's a demo, orders are not processed)

Hope any of these helps.

Cheers.