What is the most sensible mechanism by which to maintain/resubmit POST variables between pages?

Potentially silly question, but I'm looking for the most sensible mechanism by which to maintain and "resubmit" POST variables. Basically the workflow is as follows:

STEP 1) Select charges to pay, and enter payment info

STEP 2) Display confirmation/summary page with option to "PROCEED WITH PAYMENT" or "EDIT INFO"

STEP 3) Return to "edit" form or send data to be processed.

I'm currently using a single page for all actions (just one giant SWITCH based on an "action" var) and submitting the information. The problem I'm having is that between the "confirmation page" and either option, I'm losing my POST data (which I understand). What I need now is a way to preserve that data without duplicating the input fields in each SWITCH section. Below are a few options I've considered. Feel free to comment on the merits or stupidity of each:

1) serialize it to a SESSION var then unserialize it?

2) simply key/value it into a SESSION array?

3) recreate every INPUT for each "form" presented and refill the values

4) put the SWITCH inside a single form and only display relevant portions

5) I would handle it all with Javascript (sort of a faux submission technique), but there is currently processing that occurs between the initial form and the summary and ajaxifying that would be a beast atm.

What's the recommended course of action for th开发者_StackOverflowe classic INPUT->CONFIRM->PROCESS process? It'd be amazing if I were just missing something über obvious/simple.

FYI: Currently using PHP 5.1.6

Best!

EDIT 1 Clearly using individual pages for the various functionality is desired. The only reason I'm not using separate pages is because other pages are dependent on this one page and management won't allow a clean break at this point in time. It was poorly constructed over 3 years ago and is just now being partially addressed.

At this point I'm using:

 foreach($_POST as $key=>$value)
      <input type="hidden">.......

...in order to achieve the desired goal.

---

1. serialize it to a SESSION var then unserialize it?

2. simply key/value it into a SESSION array?

   Very bad. Clicking "Confirm" should always confirm what is being displayed on the page, not what happens to be in some nebulous session stored on some server somewhere (which may not be the same server that served the previous request if you have a load-balanced cluster).

   There are plenty of websites out there which will try to detect when you press the back button and display an error page, probably for related reasons.

3. recreate every INPUT for each "form" presented and refill the values

   You need to do this anyway for the "go back to editing" page.

   What's hard about <input type="hidden" ... /> in a loop on the confirmation page?

4. put the SWITCH inside a single form and only display relevant portions

   You mean stick all the inputs in display:none for the confirmation page? That feels ugly too.

---

Firstly, breaking it up into multiple pages might be a good solution but I don't know your specific needs.

1 and 2 are bad ideas. That being said, I don't know what you gain out of serializing and unserializing to a session variable that you don't get with simple key value pairs in the session. Session management gets pretty hairy if you are running multiple servers behind load balancers

4 Just sounds odd. I don't know what the switch gives you here. If you ever have to use conditional logic to display a completely different functionality to the user, it is probably better of being on a separate page.

5 Faux submission? Just sounds like a kludge. You mean send the data back to the server and return the same data back and display the confirmation div? Why not just use Javascript and manipulate the DOM at that point? Nevertheless bad idea.

Just repost the parameters to the confirmation form and populate the confirmation fields accordingly. (Standard process). I think that is what 3 is but I suggest you use a different page for each step. Just keeps things clean.

---

I actually ended up using

<?$forward_post_data = base64_encode(serialize($_POST));?>

<input type="hidden" value="<?=$forward_post_data?>"/>

...I then decode it as necessary. It works perfectly.