|
|
Posted by Mario de Frutos Dieguez on 04/19/05 08:27
Richard Lynch escribió:
>On Mon, April 18, 2005 9:42 pm, Chris Kay said:
>
>
>>unset($_POST['buttonNew']);
>>wont work?
>>
>>
>
>Sure it "works"
>
>It's just not useful in the context of this thread :-)
>
>How do you know to unset it the second time when they hit "refresh" (aka
>"reload") though?
>
>I should have said "won't solved that specific problem"
>
>You can change $_POST all you want, but it doesn't change that fact that
>that's what the browser *sent* to you.
>
>To reliable detect a "reload" of a page, you need to somehow change
>something in between "load" and "reload" and you have to tie it to that
>user, filling in that form, at that time.
>
>There's no easy way to do that unless *YOU* somehow notate each FORM you
>send out, and then mark it as "used" when it comes back.
>
>
>
>>On Mon, Apr 18, 2005 at 08:25:04PM -0700, Richard Lynch wrote:
>>
>>
>>>On Fri, April 15, 2005 5:08 am, Mario de Frutos Dieguez said:
>>>
>>>
>>>>I have another little question hehe :D, i have a page with a form
>>>>
>>>>
>>>where
>>>
>>>
>>>>the user insert data and can click in a new,edit or delete button.
>>>>
>>>>
>>>I've
>>>
>>>
>>>>make that when a button is clicked the page refresh and in the head of
>>>>the page i have conditions like this: if ($_POSt["buttonNew"]!="") {
>>>>insert commands.. } , etc
>>>>
>>>>My question is, how can i unset $_POST["buttonNew"] or leave it empty
>>>>because when the user refresh the page make insert commans again
>>>>
>>>>
>>>because
>>>
>>>
>>>>the $_POST["buttonNew"] arent empty.
>>>>
>>>>
>>>The POST data is sent by the browser, so you can't really alter that...
>>>
>>>But you can bury an http://php.net/md5 or other random token in the
>>>FORM,
>>>and put that token in a table in your database, and then on the first
>>>POST, you mark that token as "used"
>>>
>>>On the second POST, a re-load, you can detect that the token was "used"
>>>and do whatever you want. Re-direct the user, ignore them completely,
>>>give them an error message, blow up their computer. Well, okay, you can
>>>do almost whatever you want.
>>>
>>>--
>>>Like Music?
>>>http://l-i-e.com/artists.htm
>>>
>>>--
>>>PHP General Mailing List (http://www.php.net/)
>>>To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>>--
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>>
>
>
>
>
Thx for all, i do it and works perfectly :D
--
Mario de Frutos Dieguez
División de Ingeniería del Software
y Comunicaciones
CARTIF -Parque Tecnológico Boecillo
Navigation:
[Reply to this message]
|