#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0

    Sessions, delete mysql and start a new session


    Trying to be short.
    I have page A with a form that when is filled in submits to page B on wich a booking is done in mysql database and the user is redirected to an external paypal page.
    Problem, if backbutton is hitten after the booking is done to edit what was written in form, as booking is already done by the script a new booking cant be done.
    So therefore I want to use sessions to delete the booking if backbutton is hit.
    I tried to add the delete script in page B using sessions, but it did not work as page is not refreshed, only stepped back, so then I am trying to do on page A.
    So I need to on page A if the person comes to page A from a previous page with a form (not page B) then start session and fill in form.
    However if there already is a session with a booking id for the session I need the id to be deleted in the database, then destroy the session and start a new session.

    So I need something like this wich gives me error and its the same, page A is hit by backbutton so does not refresh:
    PHP Code:
    session_start();
    include(
    "conection.php"); 
    $ids=$_SESSION['ids'];
    echo 
    $_SESSION['ids'];
    $sql mysql_query("DELETE FROM bookings WHERE id=$ids");
    session_destroy();
    session_start(); 
    Thinking,
    maybe the session should expire if backbutton is hitten and if expires the booking deleted? Sorry but no experience with sessions.
    Last edited by newtonperri; May 23rd, 2013 at 02:07 PM.
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    deleting a submission just because the user goes back is very wrong in my opinion. From a usability point of view, I mean. If I hit the "book" button, then that's exactly what I expect you do to: permanently insert the booking. There's no turning back. If I happen to go back or reload the page, I do not expect this to somehow cancel the booking. I expect to be redirected to an empty form or get an error or whatever. But I do not want you to somehow guess my intention and revert my action. That's just weird and will lead to massive confusion. Users may go back and close the window, not knowing this completely kills the booking.

    Just imagine an online shop doing this: You make a definite order. Afterwards, you navigate on the page, and suddenly your order is gone, because the shop software thought you wanted to change it. I don't think I'd wanna use that shop.

    If you want users to be able to cancel or edit a booking, make a separate from. But do not mess with their basic expectations. "book" means "book".
    The 6 worst sins of securityHow to (properly) access a MySQL database with PHP

    Why can’t I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    78
    Rep Power
    0
    Originally Posted by Jacques1
    Hi,

    deleting a submission just because the user goes back is very wrong in my opinion. From a usability point of view, I mean. If I hit the "book" button, then that's exactly what I expect you do to: permanently insert the booking. There's no turning back. If I happen to go back or reload the page, I do not expect this to somehow cancel the booking. I expect to be redirected to an empty form or get an error or whatever. But I do not want you to somehow guess my intention and revert my action. That's just weird and will lead to massive confusion. Users may go back and close the window, not knowing this completely kills the booking.

    Just imagine an online shop doing this: You make a definite order. Afterwards, you navigate on the page, and suddenly your order is gone, because the shop software thought you wanted to change it. I don't think I'd wanna use that shop.

    If you want users to be able to cancel or edit a booking, make a separate from. But do not mess with their basic expectations. "book" means "book".
    Thanks Jacques,
    I have had the online booking since january, and it is not the way you see it or I explained it, after they done the booking they are taken to paypal to pay for the booking, if they dont pay there is no booking, so obviously if they hit the backbutton there is no way they can pay for the booking, so the booking needs to be deleted so they can do a new one and pay for it.
    When they hit the backbutton they are taken to the same form as before, so they resubmit trying to do the booking and pay for it but they can´t as it is "not available" anymore.

    We have had many problems with persons doing this, phoning or emailing telling they wanted to book went to paypal, for some reason had problem on paypals page or wanted to change something in the booking, so they hit the backbutton to try to do it again, but of course a message comes up telling them the property is already booked for those dates, so then I have to tell them to wait 30-45 minutes for the chronjob to delete the booking so they can finish there booking.

    Any idea of how doing this?
    I cant do it the contrary, first pay then do the booking as there is only one item (properties) so if I insert the booking after its paid, there can be doubblebookings.
    Thanks
    Last edited by newtonperri; May 23rd, 2013 at 04:56 PM.

IMN logo majestic logo threadwatch logo seochat tools logo