A Flash Developer Resource Site

Page 1 of 2 12 LastLast
Results 1 to 20 of 34

Thread: [RESOLVED] Loophole-Delete $_POST["x"]

  1. #1
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287

    resolved [RESOLVED] Loophole-Delete $_POST["x"]

    Let's say I have a flash that sends some variables via POST to a php page. What I want is some way to loophole a way around deleting the $_POST variables, either after the variables aren't needed, or when the page is refreshed. The only reason I've said "loophole a way around deleting" instead of just "delete" is because, after some research, I've discovered that deleting $_POST is impossible...so, I need a work-around. Any ideas? Code? Thanks!
    --SumWunGye

  2. #2
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    *Wonders why he always has to ask difficult questions*

    So, no then?
    --SumWunGye

  3. #3
    http://www.in3d.eu Kostas Zotos's Avatar
    Join Date
    Jul 2007
    Location
    Athens - Greece
    Posts
    408
    Hi,

    Have you try the PHP "unset()" command ?

    I mean (use inside PHP):
    PHP Code:
    unset($_POST);         // Deletes all $_POST variables

    unset($_POST['Age']);    // Deletes only the specific variable  (assume have set a variable named "Age") 
    You may run a "foreach" loop or try the values, (or use: "echo empty($_POST);", "var_dump($_POST);" etc to identify if POST exists..)


    Here is an example (Displays the $_POST vars and then delete them. You may send a "Name" and "Age" via POST to test it):
    PHP Code:
    <?php

    /* ----------------------------------------------------------------------------------------------------------------------------------
          This script first displays and then deletes the $_POST variables (if any)
          You may send (via "POST" method) a "Name"  and  "Age"  variables  for test
       ------------------------------------------------------------------------------------------------------------------------------------ 
    */
    echo '<META http-equiv="content-type"  content="text/html; charset=utf-8">';

    // ----------------------------------------------  Output the $_POST variables --------------------------------------------------

    Title'$_POST variables:');

    foreach (
    $_POST as $Key => $Value){
       echo 
    '<b>'.$Key.'</b>: &nbsp  '.$Value."<br>\n";
    }

    // ------------------------------------------  Unset (delete) the $_POST variables ----------------------------------------------

    unset($_POST);                  // Deletes all $_POST variables

    // unset($_POST['Age']);    // Deletes only the specific variable  (assume have set a variable named "Age")

    // ---------------------------------------- Try to Display the variables after deletion -------------------------------------------

    echo "<br><br>\n------------- After  POST  deletion: ----------- <br>\n";

    Title'$_POST variables:');

    echo 
    "<br>\n".'Get a Warning since $_Post is empty..';
    foreach (
    $_POST as $Key => $Value){                        // This will bring a warning  after deleting the $_POST variables
       
    echo '<b>'.$Key.'</b>: &nbsp  '.$Value."<br>\n";
    }

    echo 
    "<br>\nAge and Name: ".$_POST['Age'].'    '.$_POST['Name']."<br><br>\n\n";

    echo 
    "POST is Empty:  ".empty($_POST) ."<br><br>\n\n";    // Returns true (1) if the variable is empty

    var_dump($_POST);     // Outputs info for the given variable

    echo "<br><br>\n\n";

    print_r($_POST);    // Outputs info for the given variable


    // Just a function to format a title
    function Title($Txt) {  
       echo 
    "<br>\n\n".'<span style="color:#115aaa; font:bold 15px verdana">'.$Txt."</span><br>\n\n";
    }

    ?>
    I don't know if you meant something else with your question..

    Regards!

    Kostas
    Last edited by Kostas Zotos; 06-06-2008 at 08:14 AM.
    K. Zotos online portfolio: http://www.in3d.eu

  4. #4
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    I'm pretty sure I tried "unset" but I'll try again, just to be sure...
    --SumWunGye

  5. #5
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    Yeah, I already tried unset($_POST['var']), $_POST['var'] = null, AND, right now, I tried unset($_POST) - none work for me.
    --SumWunGye

  6. #6
    Bearded (M|G)od MyFriendIsATaco's Avatar
    Join Date
    Dec 2002
    Location
    Awesomeville.
    Posts
    3,045
    Is there a specific reason that you need to delete a key from the $_POST array? I don't think you can directly manipulate the data in there since it's sent from the browser. I can see it being a security issue.

    Why not copy the $_POST array into your own array, then start deleting keys from that?

  7. #7
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    Well, the $_POST thing isn't an array, it's separate variables...

    And, I don't know how to use the $_POST variables once, then, when used or when the page is refreshed, I would like to make it so they can not be used again, until resent (by the flash).

    The reason I need to (delete, loophole-delete) the $_POST variables is because I have the variables sent from flash written to a file in php. I don't want people able to hit refresh and write the variables to the file ∞ times...So, that's my story.
    --SumWunGye

  8. #8
    Bearded (M|G)od MyFriendIsATaco's Avatar
    Join Date
    Dec 2002
    Location
    Awesomeville.
    Posts
    3,045
    Quote Originally Posted by sumwungye
    Well, the $_POST thing isn't an array, it's separate variables...
    $_POST is an associative array.

    Quote Originally Posted by sumwungye
    I don't want people able to hit refresh and write the variables to the file ∞ times...So, that's my story.
    You're not going to be able to prevent that dude. If you refresh the page, the request is being sent from the browser again to the server.

    There is really no reason ever to actually delete variables from the POST array.

  9. #9
    Senior Member joshstrike's Avatar
    Join Date
    Jan 2001
    Location
    Alhama de Granada, España
    Posts
    1,136
    I think you're looking for something more like an optimistic locking mechanism, to prevent the data from being written twice, no? You could implement that on the database side (check for identical fields)...or, what jumps out at me as a way to make the data in $_POST expire is to include a timestamp, so you know if certain data has gone stale...and/or has already been written...

  10. #10
    http://www.in3d.eu Kostas Zotos's Avatar
    Join Date
    Jul 2007
    Location
    Athens - Greece
    Posts
    408
    Hi,

    The reason I need to (delete, loophole-delete) the $_POST variables is because I have the variables sent from flash written to a file in php. I don't want people able to hit refresh and write the variables to the file ∞ times...So, that's my story.
    Maybe use sessions to temporarily tarck if the data is already written
    (If use a session variable, the first time is empty. Once write your file, set this session var to a value (eg.true) and not allow rewrite the file if this var is already set..

    Note: session variables are like "temporary" cookies, exist only while the browser is open, and deleted automatically when browser closed (are not persistent)

    Here is a simple PHP framework:
    PHP Code:
    <?php 

    session_start
    ();   //Start session

    $Written=false;  


    if ( !isset(
    $_SESSION['Written']) ) {  // If not set the variable yet (this met only the first time)      
            
    $_SESSION['Written']=true;      
    } else{
           
    $Written=true;
    }


    echo 
    'Written: '.$Written."<br>\n".'SESSION[\'Written\']:  '.$_SESSION['Written']."<br><br>\n\n";


    if ( !
    $Written ) { // The first time the variable is false. The next times is true (file already written)
          
    echo "Write POST Data to File...<br>\n";
         
    // Read your $_POST and save to external file code here  
    } else{
         echo 
    "Data already written.. <br>\n";
    }

    ?>
    Regards!

    Kostas
    K. Zotos online portfolio: http://www.in3d.eu

  11. #11
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287

    Hmm...

    Quote Originally Posted by joshstrike
    what jumps out at me as a way to make the data in $_POST expire is to include a timestamp, so you know if certain data has gone stale...and/or has already been written...
    Timestamp? I'd like to know about this...!


    As for what Kostas Zotos said about sessions, is there any way of making a session and or cookie that only lasts for long enough for the page to load once, and then does not get written again until the data is sent again, only with a new value?

    Thanks!
    --SumWunGye

  12. #12
    http://www.in3d.eu Kostas Zotos's Avatar
    Join Date
    Jul 2007
    Location
    Athens - Greece
    Posts
    408
    Hi,

    Maybe use the onLoad event of HTML to inform PHP that the page loaded
    Also you may save the POST variables to their session equivalents and once new POST data sent, just compare these values with the last stored in session and only write in your file the ones that are different from the old..

    Note: Session data stored in the client (user) environment and can be readable (is not encrypted or protected)

    A simple example would be:
    PHP Code:
    session_start();

    $UpdateName=false;

    if ( 
    $_POST['Name'] != $_SESSION['Name'] ){
       
    $UpdateName=true;
       
    $_SESSION['Name']=$_POST['Name'];
    }


    $UpdateQuantity=false;

    if ( 
    $_POST['Quantity'] != $_SESSION['Quantity'] ){
       
    $UpdateQuantity=true;
       
    $_SESSION['Quantity']=$_POST['Quantity'];
    }


    If (
    $UpdateName && $UpdateQuantity) { // If both are changed
      
       //  Write the updated Data in your file


    Note: the example is vary basic. You may want to check your input POST data for validity, security, remove any possible inappropriate values etc..

    Kostas
    K. Zotos online portfolio: http://www.in3d.eu

  13. #13
    http://www.in3d.eu Kostas Zotos's Avatar
    Join Date
    Jul 2007
    Location
    Athens - Greece
    Posts
    408
    Hi,

    I'd like to fix something, cookies stored in the client side, while sessions stored in the server in a default directory or in a location specified by the "session_save_path()" function..

    Kostas
    K. Zotos online portfolio: http://www.in3d.eu

  14. #14
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    Sorry I couldn't get back sooner, my internet's been down since last Tuesday.

    Quote Originally Posted by Kostas Zotos
    Maybe use the onLoad event of HTML to inform PHP that the page loaded
    ...I don't think It'll work that way; I need the page to know when the $_POST data has been sent for the first time. If it has been sent once before, if the page has loaded the data once before, or even if data that is duplicate to the data from before, I want the page to know this. I want the page to ignore any duplicate info, and go on with the code, ignoring it. If it is different than before, if it is the first time it has been sent, or if it has been sent again with new data, I want to page to know that, and carry out the necessary code, then ignore the data if the page is refreshed. I hope someone has a way of doing this...
    --SumWunGye

  15. #15
    Bearded (M|G)od MyFriendIsATaco's Avatar
    Join Date
    Dec 2002
    Location
    Awesomeville.
    Posts
    3,045
    Why not check if the data is a duplicate from within PHP? I'm assuming you are using a database. You can check for a duplicate entry.

  16. #16
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    (If only I knew how...)
    --SumWunGye

  17. #17
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287
    Okay, new question...

    Is it possible to send data from flash to PHP so it can be deleted by PHP when necessary? I mean, like, getURL("website.com", _self, "DELETABLE_POST"); or something, as opposed to "POST" since POST can't be deleted.

    Maybe I could use "GET"? If that would work...

    If you can still answer the first question, then go ahead...
    --SumWunGye

  18. #18
    Bearded (M|G)od MyFriendIsATaco's Avatar
    Join Date
    Dec 2002
    Location
    Awesomeville.
    Posts
    3,045
    Those variables, GET and POST cannot ever be deleted. I think you're missing the whole concept of those.

    If you hit refresh on the page, no matter what you do, the entire request is sent again no matter what. So even if you did delete the POST array, it will just be resent with new headers.

    Whatever you're doing, you're just approaching this completely wrong. There is no need to ever delete the POST array.

  19. #19
    Musical chair sumwungye's Avatar
    Join Date
    Jan 2008
    Location
    Planet Earth, third planet from the Sun
    Posts
    287

    Okay, fine then...

    Quote Originally Posted by MyFriendIsATaco
    Those variables, GET and POST cannot ever be deleted.
    Well then forget them: is there any way to do what I said before?

    Quote Originally Posted by sumwungye
    Is it possible to send data from flash to PHP so it can be deleted by PHP when necessary? I mean, like, getURL("website.com", _self, "DELETABLE_POST"); or something, as opposed to "POST" since POST can't be deleted.
    --SumWunGye

  20. #20
    Bearded (M|G)od MyFriendIsATaco's Avatar
    Join Date
    Dec 2002
    Location
    Awesomeville.
    Posts
    3,045
    No. I should have rephrased my answer a bit better.

    ANY requests sent from Flash will be resent on a page load. Even if you used a different method, the whole request would be sent again with no recollection of it being previously sent. You need to manage that with your server side script, it's not the browser's job.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center