So you are generating a ticket id which you need in the following form submit. Yes its better to keep it in hidden variable in form.

But apart from that you can store the generated ticket id in session and can destroy after using it.

If this ticket id is unique for a particular session at a time, then you can store it in database with a key of session id and can retrieve and clear the id when form is submitted.

If it is possible, then generate the ticket id when the form will be submitted. In this way no question of storing the ticket id in hidden variable or session or database.

Actually there might be lots of other ways but for a complete and specific suggestion please share some more of your scenario.

Update:

Based on your update, I think you need to maintain a running_transactions table.

It will have

• event_id (pointing to the selected event)
• ticket_type_id (pointing to the type of ticket user wants to buy)
• ticket_id (an unique id generated by your algorithm)
• person_details (pointing to details provided by the user)
• and so on ( may include other payment or transaction status related information)
• id: the unique identifier of this table.

Now on starting up the buying process

• Create a running_transaction entry which will be almost empty.
• Save the id of this table in the session. So for every subsequent request you will find the corresponding running_transaction entry by this id.
• This entry will be updated with more values in each phase of buying the ticket. Like, after “step 1” you will have a ticket id.
• Eventually when the ticket will be bought successfully and you will receive the payment confirmation, you will mark this running_transaction as completed.

Probably you already have something to track these information, so you can accommodate the above way in that table also. Perhaps you will find better names than what I provided 🙂