Jump to content

Question about authenticating form input


Meriakh
 Share

Recommended Posts

I was hoping to find out an answer to a relatively complex html/php/sql question. I have a form on my site that I want users to fill out. The user fills it out and then submits the form, sending it to a php file. That file is then supposed to add 1 entry to the sql database. What I want to do is put this data being sent to the database on hold - so say a random user enters data, that data is then stopped. After that, I want to be able to review the data entered and determine if it is acceptable. If the data is acceptable, I want to be able to accept the data and then have it sent to the database.Once the data is accepted, I also want to create a new web page with that data entered in a specific format. So far I have set up the form and have been able to enter the data in a database. I guess my main question at this point is how I could automatically have an email sent to myself when someone submits the form which would then allow me to preview the data before I accept it.

Link to comment
Share on other sites

Simple and easy to do. Thanks for the idea, Ingolme. I actually have a followup question to your response. When the data is submitted to the database it should be straightforward to automatically notify me that something has been submitted. I haven't dealt with emails in php, but I just looked through it and it should be easy enough. When sending the email, I need to specify a link for me to go to, correct? And that link should pull the information that was submitted. I would think when sending the email I would need to specify the key associated with the database entry. Also, the link would somehow need to pass that key as a parameter so that I could pull all of the relevant information. From there, I would really like to be able to view the info in the way it will look when published on the site. So my question here: How would I be able to email myself a link which will allow me to view the submitted data? I guess I'm not real clear on how the site with the information displayed would be created.

Link to comment
Share on other sites

first insert the data which will be posted by user. get the last insert id of the insertion. make a url where you will embded the ID of the data in query string. the query string will point to a script where you will alter the FLAG field. flag field is boolean field which will determine it is accepted or not. You also have to make sure of some authentication otherwise anyone would pass the query string with arbitaray id and can alter the FLAG. If you want you can also send the data as content with the URL in email body.

Link to comment
Share on other sites

So if I want to link the site in the email addressed to the admin for authentication I would want to link something like this?

http://server/path?idVar=<ID of database_entry>

Where the "ID of sql database entry" will be automatically input when the email is sent. And then of course the path would be the path to the authentication page, which would always be the same besides the ID input. Also, what kind of authentication would I need to use? Is there a good link to a place I could get information on site security in general, but also in regards to this?

Edited by Meriakh
Link to comment
Share on other sites

yes something like that.

Is there a good link to a place I could get information on site security in general, but also in regards to this?
http://owsap.org
Also, what kind of authentication would I need to use?
either a form based authentication where you need to login everytime and which has privilages checking. but you have to login every time when your session dies. either way and which seems suitable for you would be setting a hashed string for each row which will be passed with url and you will check the string if it matches with the stored hash of database. if it matches do the job mark them verified and you can also set the hash fields to NULL to save disk space
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...