0

PDF Generation Dependent on $_POST

I generate a PDF in my browser, using a PHP script, where the PDF-generating script depends on variables sent to it through POST. When POST is empty, PDF cannot be generated and it issues a warning saying "PDF Must be Regenerated".

Certain situations triggered POST array being empty, namely, if I hit browser's Refresh button while being on the page with PDF, for whatever reason, POST data does not get resent and there is no prompt asking me to resend it, it just becomes empty and the script detects it and the warning is issued. The warning is PDF Must be Regenerated, which is what I put in when POST array is empty in my code.

PDF Generation Workaround Dependent on $_SESSION

So a work-around I did is to save POST data to SESSION and then use SESSION when POST is empty. Like below:

if (empty($_POST))
{
    // try restore from session first
    $_POST['product_count'] = $_SESSION['product_count'];

    if (empty($_POST['product_count'])) // if we failed.. session is empty
    {
        print 'PDF Must be Regenerated';
        exit();
    }
}
else
{
    //save POST into SESSION
    $_SESSION['product_count'] = $_POST['product_count'];
}

Browser's Save feature tries to generate PDF after SESSION expires

And all was well and fine until users started noticing a certain behavior:

  1. They generate PDF using script
  2. Leave the browser idle for a while doing other business, until SESSION expires behind the scenes
  3. Then they use browser's Save-As feature to save the PDF.

The browser, instead of saving PDF from memory (PDF is still visible inside the browser), browser our company uses (Mozilla), makes a request to the server, asking for a fresh new copy of the PDF. But ... while doing so, POST is empty because POST is not being resent, and SESSION is empty because SESSION has expired during the idling stage.

This results in a corrupted PDF, where PDF is actually an ASCII text file containing words PDF Must be Regenerated. Users don't notice it until it is too late.

But, Mozilla apparently makes a call to the server, PHP scripts pass the user login credentials test, but all the while having empty POST and SESSION, resulting in corrupt PDF.

Login credentials check does not depend on SESSION and to be honest I can't yet tell what it depends on because I can't easily reproduce the issue so I can't readily test.

The work-around is obviously to save PDF soon after it has been generated, before SESSION expires, but user is "always right" and I want to let the user to be able to save the PDF even when SESSION expired. My question is "how".

How? What can I do?

Dennis
  • 7,907
  • 11
  • 65
  • 115
  • It doesn't seem like if you had a pdf open in the browser it should try to pull it down from the server again before printing unless the CACHE (not the session) expired. Have you tried explicitly telling the browser how long to cache the pdf with headers? – developerwjk Mar 13 '15 at 22:14
  • I have not tried that. I'll see what I can do... – Dennis Mar 13 '15 at 22:24

1 Answers1

0

The pdf thing seems surely a bug on the browser. but regardless, you want to use GET.

post is to execute an action and the browser correctly do not re-issue that request. From your description it does not seem viewing the pdf is executing an action.

if you use GET, it means get me this data with those parameters. and the browser will handle it accordingly.

if it is the result of an action, then break the action and the report into two requests. for example, make viewing the resulting PDF report a link in the response for the action. you can see this pattern when you buy someone online for example. the payment POST request gives you a link via GET to the invoice.

gcb
  • 13,901
  • 7
  • 67
  • 92
  • I may need to rewrite parts of my code.. because I used POST for a reason. I am passing large variables via POST to the PDF-generating script. GET will definitely not be a good vehicle for variables this large, which is a few kilobytes each. – Dennis Mar 13 '15 at 22:22