Posted by cendrizzi on 10/05/06 17:14

I have thought of something like this but I was hoping to not be this
restrictive if possible. In the end I'll just go for what works.

On Oct 5, 9:27 am, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spamyourself.com> wrote:
> cendrizzi wrote:
> > Hi all,
> > I've read some stuff on this but can't seem to come up with a solution
> > that works right. I have a semi-mature (yet very large and robust)
> > internal web application that currently only works with one window open
> > at a time.
>
> > Maybe I'm abusing the use of $_SESSION but I have data entry processes
> > split up in several steps (which is required since depending on what
> > was put before determines what pages will be shown after). To store
> > this information between the steps I use the session, which is the only
> > way I know that this would be possible (uses arrays in arrays). So if
> > I were to open up a window and start the data entry it would overwrite
> > the last one.
>
> > So one thought was trying to create an instance id that that is
> > randomly generated that is passed between the pages using a $_GET
> > variable. Using this id I would create and reference custom session
> > variables making sure each instance is completely unique. This seems
> > to be consistent with what others have tried but I don't think it would
> > work since if someone middle clicked on a page link it would open up a
> > new tab (in firefox and IE7) with the same instance id with. There
> > doesn't seem to me to be an easy way to ensure that each window in a
> > browser has it's own, unique, instance.
>
> > Surely this isn't unique to me so how in the world can I ensure that
> > each window/tab gets a unique id of some sort so that my session is
> > unique for each one?
>
> > Lastly, if necessary, I wouldn't mind trying to suppress a new window
> > but this is plagued with the same issues (how do I know it's a new
> > window/tab?). I know this is not ideal but given the nature of the
> > application this wouldn't be a big problem.
>
> > Thanks in advance.Hi,
>
> You have several options (if I understand your problem).
> The simplest is this: Just mark your steps in the SESSION.
> Just add a field:
> $_SESSION["step"] = 1;
>
> If a script is called for step 3, it first checks if the last step in the
> SESSION was 2, otherwise it refuses the posting and tell the client he/she
> should use it in the right order.
>
> When a script succesfully finishes, increase the step in session to its new
> value.
>
> Does that help?
>
> The other option (with different id's) goes against the idea behind a
> session. Every browser can build 1 session for a domain. I wouldn't try
> something like changing the sessionid for each new request. I can be done,
> but it is a mess.
> Just force the enduser to do things in the right order, simply by counting
> your steps and refusing calls to scripts that are before or after the step
> that is defined (by YOU) in the sessionarray.
>
> Hope that helps.
>
> Regards,
> Erwin Moller

[Back to original message]