|
|
Posted by mtuller on 11/20/07 19:23
On Nov 20, 10:58 am, Erwin Moller
<Since_humans_read_this_I_am_spammed_too_m...@spamyourself.com> wrote:
> mtuller wrote:
> > I have a page that submits data to a database, and I want to make it
> > so that if the page is refreshed, it doesn't submit the information
> > again. I am trying to use unset the variables so that if the page is
> > refreshed, it will not submit again. I saw a post about setting a time
> > delay of something like 30 seconds, but would prefer just to unset the
> > variable. I can't seem to get it working. Here is a snippet of what I
> > have:
>
> > echo 'First Name: '.$_POST['First_Name'];
>
> > if (isset($_POST['First_Name']))
> > {
> > ... if it is set, submit to the database
> > }
> > else
> > {
> > echo '<h2>There is no data to submit. To enter a nomination, <a
> > href="index.php">Click Here</a></h2>';
> > }
>
> > unset($_POST['First_Name']);
>
> > echo 'First Name: '.$_POST['First_Name'];
>
> > The first echo displays what was submitted in the form, the second
> > shows that the variable is empty. When I refresh though,
> > $_POST['First_Name'] contains the data from the form again.
>
> > Can someone explain how they would go about making sure that when a
> > page is refreshed that data is not submitted again, or explain to me a
> > way to get what I have started working?
>
> Hi,
>
> $_POST is populated again for each request.
> If a visitor refreshes a page that was the result of a previous post, a
> decent browser asks the user if (s)he wants to resubmit the page.
>
> So unsetting the superglobal $_POST is of no use at all.
> I don't know where you found that trick, but my advise is to avoid any
> more tips from that same author.
>
> A better approach to your problem is:
> 1) create a page with the form, eg mypage.php
> 2) Make the action of the form mypage_submit.php
> 3) in mypage_submit.php do whatever it is you need to do with the posted
> info, like inserting into a database.
> 4) When finished, direct the browser to another page, eg thankyou.php as
> follows:
> header("Location:http://www.example.com/thankyou.php");
> exit;
>
> This will force the browser to load thankyou.php.
> If somebody presses reload on thankyou.php (s)he will see that page
> again without resubmitting the form.
>
> NEXT PROBLEM: BACK BUTTON:
> Of course, they can go back using the back-button and repost it again.
> Against that, not a lot can be done reliably.
> If somebody really wants to resubmit the form, well, they will.
> I saw a few tricks involving all kinds of headers, but in my experience
> none work reliably. (I could be wrong. http can be quite confusing)
>
> If you REALLY need to avoid this behaviour, you should start using
> 'tickets'.
> One simple approach that uses the idea of tickets:
> 1) generate a random string and put it into your form with a hidden
> formelement.
> eg:
> <input type="hidden" name="ticket" value="KJHIUTJGHGDFHKGKJGHHFFDSG">
>
> 2) Let your receiving script store this ticket in the DB, but only if
> that ticket isn't found already.
>
> Hope this sheds some light on it.
>
> Regards,
> Erwin Moller
Thanks. Redirecting to the thank you page will work for me.
[Back to original message]
|