|
Posted by Jose Angel Sanchez on 02/09/05 15:49
Hi
First of all: I'm sorry for writing errors - I don't speak English too
much (spanish)
I'm building an application which works that way:
I use url parameters to set zone (document location), actions and
params.
I've badly make security part so only registered people
($_session['USER'] <- which is set after check Login/pass form) can
access different zones but my problem is on refreshing page that
contains action
i.e.
http://www.mypage.com?index.php&zone=contact&action=newcontact&name=geor
ge
only registered/valid users can make this zone code runs
my pseudocode basicly works this way:
function contactzone (no params)
get URL parameters (like $action=$_get['action']
<some code>
switch ($action)
case 'new'
$html.= show form (on submit set action to
'newcontact'
break;
case 'newcontact'
Insert on database
On success -> $html
Default
Show simple $html
}
<some code>
return $html
My problem is on refresh or back events on navigator; the action will
execute again.
How do I prevent that? Session variables? Check a single table storing
used hashes sent by form (generated with md5 or any) on all forms
containing actions event for all tables? What do you think?
Sorry again and thx for reading and helping :D
j0n3
Navigation:
[Reply to this message]
|