Insertion of blank data in MySQL database when refresh

[w3schoon]

Nice be with you everyone! My problem is: Every time I refresh my showDatabaseCatalog.php there is always insertion of blank data in MySQL database? Can anyone help me how to stop this undesirable insertion of blank data in MySQL database when refresh? Thank you.

[justsomeguy]

Before you do your insert check if you have data, it sounds like you're always inserting regardless of what happens.

[w3schoon]

Yes, There is a data before submitting the form. My problem is this,

$name=$_POST['name']; $price=$_POST['price'];$inserted="INSERT INTO students (name, price) VALUES ('$name', '$price')";mysql_query($inserted);

Every time I refresh showDatabaseCatalog.php with these codes, it always duplicating the last data inserted from the form or if I direct open showDatabaseCatalog.php without submitting, it insert blank data in the MySQL database when refresh?

[justsomeguy]

If it's inserting blank data then you're not checking if $_POST contains anything before inserting. This thread has an example of how to check if a form was submitted: http://w3schools.invisionzone.com/index.php?showtopic=12509 If you want to stop it from inserting duplicate data, then your options are to either store the data you just inserted in the session and, if the form was submitted you should compare the submitted data with the last data from the session and don't insert if they are the same. Or, after you insert you can send a location header to redirect the user back to the same page which will clear the post data if they refresh.

[w3schoon]

Thanks for the thread http://w3schools.inv...howtopic=12509. Now I know where should I start. While reading your thread, I see this (below) & tried to used in my web page & it works!

<?phpif (isset($_POST['submit_button'])){  //the form was submitted}?>

My next problem is how to follow your next advice...

If you want to stop it from inserting duplicate data, then your options are to either store the data you just inserted in the session and, if the form was submitted you should compare the submitted data with the last data from the session and don't insert if they are the same. Or, after you insert you can send a location header to redirect the user back to the same page which will clear the post data if they refresh. -justsomeguy

My question is: Where do PHP store $_SESSION variables? If Cookies are stored at Google Chrome's toolbar > Settings > Advance Settings > Privacy > Content Settings > All cookies and site dataWhere are sessions data? Edited February 15, 2013 by w3schoon

[Mudsaf]

$_SESSIONS is stored on server unlike cookies stored on browser cache. So you can easily create login areas with sessions.

Cookies - ClientSessions - Server

Also you can check if posts ain't empty by

if (isset($_POST['mydata']) && !empty($_POST['mydata'])) { //Checks if exists and not empty//Dosomething}

And on if you dont have magic quotes enabled on your server your website is vulnerable for sql injections. I usually do it like code below.

if (get_magic_quotes_gpc()) { //MAGIC QUOTES ENABLED//Magic quotes enabled$name=$_POST['name'];$price=$_POST['price'];} else {$name=mysql_real_escape_string($_POST['name']);$price=mysql_real_escape_string($_POST['price']);}

Edited February 15, 2013 by Mudsaf