[Colin]

I am developing a website that is basically a online directory. I would like the user to first fill in their details in a form then be moved to a payment page then go to a thank you and contents confirmation page then finally the contents of the form are inserted into a database.

I already have the form, I have the solution for the payment page and the final database insert. BUT what I don't know is how to temporally store the form contents for use in the final page.

I know I could ask for payment first than do the whole fill in the form and insert into the database in one go, I feel it is better for the user to fill in the form first then pay second.

The site is being developed in DreamWeaver using PHP and MySQL

[Sam G]

PayPal?

[scaz182]

I'd use hidden form fields to pass the variables between pages.

<form>
/* payment form */
<input type="hidden" name="passed_data" value="<?php echo $_POST['data']; ?> /> // $_POST['data'] is from original form.
</form>

That can then be accessed in the subsequent page as $_POST['passed_data']

If however you don't have a form that you are able to adjust on your payment page you can stick the data in the URL and then reference it as a GET variable.

[red-X]

use session variables
tutotial how to use sessions

[Connetu_C]

Be careful when moving between pages: very little is fool-proof. Here are two different approaches and what can go wrong. Firstly, you choose to use sessions (a generally but not 100% reliable mechanism). So (1) your user fills in their details and you store these in a session; (2) your user goes to the second page but sessions don't work and all their details are lost. Oops! Secondly, you choose to use hidden form fields, so (1) your user fills in their details which are then passed to the second payment page; (2) your user enters their payment details and hits OK; (3) a connection is made to the POST-back for the payment page and the payment is accepted; (4) their browser attempts to redirect to the confirmation page but their network is temporarily down. The result is they've paid but you have no record of what they've paid for because it hasn't been inserted in your database yet. Oops!

My first thought is to use sessions and to be careful that you aren't just relying on cookies to store the session ID. One solution is a hidden form field which stores the session ID between pages (rather than the entire set of details they entered, which is quickly going to make your pages and POST-backs overwhelmingly large). Then be careful that you only capture the payment in the final step, after the order details have been successfully added to your database. You can still authorise the payment at the second step to check all card details are correct etc. That combination of approaches should eliminate possible weak links in the chain.

[skidz]

I've done this a few times with google and paypal. Sessions is my preffered method

[Colin]

That really gives me something to work with - Thank you all. A friend mentioned using cookies. ie store the whole form in a cookie then retrieve the information from the cookie in the final confirmation page. This sound a similar solution to the session variable

[sunwukung]

There's a big difference between a cookie and a session. One of the best methods is to store the (preferably encrypted)session in a database temporarily and pull it back out when required. DON'T store your form details in a cookie...