Posted by Mirco Blitz on 02/10/05 15:34
After first authentification of the user i prefere session. I can be sure
that this is the user who autht himself to me, caus the session is unique.
-----Ursprüngliche Nachricht-----
Von: Jose Angel Sanchez (Jone) [mailto:jassuarez@mi.madritel.es]
Gesendet: Mittwoch, 9. Februar 2005 14:49
An: php-general@lists.php.net
Betreff: [PHP] Refresh Problem
Hi
First of all: I'm sorry for writing errors - I don't speak English too much
(spanish)
I'm building an application which works that way:
I use url parameters to set zone (document location), actions and params.
I've badly make security part so only registered people ($_session['USER']
<- which is set after check Login/pass form) can access different zones but
my problem is on refreshing page that contains action
i.e.
http://www.mypage.com?index.php&zone=contact&action=newcontact&name=geor
ge
only registered/valid users can make this zone code runs
my pseudocode basicly works this way:
function contactzone (no params)
get URL parameters (like $action=$_get['action']
<some code>
switch ($action)
case 'new'
$html.= show form (on submit set action to
'newcontact'
break;
case 'newcontact'
Insert on database
On success -> $html
Default
Show simple $html
}
<some code>
return $html
My problem is on refresh or back events on navigator; the action will
execute again.
How do I prevent that? Session variables? Check a single table storing used
hashes sent by form (generated with md5 or any) on all forms containing
actions event for all tables? What do you think?
Sorry again and thx for reading and helping :D
j0n3
--
PHP General Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php
[Back to original message]
|