|
|
Posted by John Nichel on 02/09/05 20:45
Ashley M. Kirchner wrote:
<snip>
> I know I can't disable the back button, or clean out someone's
> browser history, so I'm looking for other ways, server-side perhaps,
> that I can implement to prevent someone from reloading the upload.php
> page and try to upload another file (which will generate an error
> because the Java applet still has the old data in its variables. This
> is just the way it works.)
>
> Can I rely on referrers on upload.php to see where a hit came from?
> Or should I redirect to an interim page that simply redirects again to
> the thankyou.php one (which won't stop someone from hitting back twice,
> but it's just an extra thing.) What (other) ways have people found that
> works?
Set a session variable when the upload is done. Check for the existance
of this variable before allowing the 'upload' portion of your to execute....
if ( ! isset ( $_SESSION['upload'] ) ) {
// do your upload stuff
$_SESSION['upload'] = true;
} else {
// don't allow it to upload
echo ( "Sorry, you've already uploaded." );
}
--
John C. Nichel
ÜberGeek
KegWorks.com
716.856.9675
john@kegworks.com
[Back to original message]
|