supertrucker Posted December 29, 2006 Share Posted December 29, 2006 I created a php page that has a form that posts back to the same page, index.php. However, if someone clicks the browser reload button on the "Thank you for submitting!" page, the data is resubmitted. As long as they sit there and keep hitting reload, it will keep resubmitting. I tried the unset() function, but that doesn't actually clear the data from the browser bar that get's reloaded. I pass the data from the original form to the submit page using the "get" attribute. Would changing it to "post" deliver me from evil!? Simply putting a note, I'm afraid, on the web form that says "submit only once" is just asking for trouble! Help!Supertrucker Link to comment Share on other sites More sharing options...
yoshida Posted December 29, 2006 Share Posted December 29, 2006 You can transfer the data by using a session. Once the handler is done, end the script with session_destroy(); so the variables are unloaded from the server.On sessions: something is saved in a session using $_SESSION['variable']=$variable and loaded from the session using $variable=$_SESSION['variable']; (if you want to know more, look it up)Also, in the 'thank you for submitting' page you can also put this in the head of that page: <meta http-equiv="refresh" content="3; url=http://www.yoursite.org/index.html"> This is a fairly common autoforward command in which 'content' represents the delay time before refreshing to the new page. Link to comment Share on other sites More sharing options...
supertrucker Posted December 29, 2006 Author Share Posted December 29, 2006 Thank you! I forgot about the refresh method! I'm kind of learning PHP here on-the-fly, so still I'm trying to get the kinks out! I will also look into the session function. Thank you,Supertrucker Link to comment Share on other sites More sharing options...
yoshida Posted December 29, 2006 Share Posted December 29, 2006 You're me, eight months ago. No better way than trial&error. I'm fairly new at php too (as in 'no guru').Good luck. Link to comment Share on other sites More sharing options...
supertrucker Posted December 29, 2006 Author Share Posted December 29, 2006 You're me, eight months ago. No better way than trial&error. I'm fairly new at php too (as in 'no guru').Good luck.Thanks, I need it! Now I need to figure out how to create a script that will allow only specific users to logon for administrative functions. Link to comment Share on other sites More sharing options...
yoshida Posted December 30, 2006 Share Posted December 30, 2006 that's not too hard; have a user log in on a certain link (that is not seen on te webpage), check the database for the number of rows that contain the combination of username and password (usually 1) and if the login is valid have a session created (if (mysql_num_rows == '1') { $admin = 'valid'; $_SESSION['admin'] = $admin; }You can restrict parts of the script by statingif ($_SESSION['admin'] == 'valid') { display admin menu or function }Each admin script needs to check for the session as well. You can also set a cookie, since sessions usually expire after ten minutes.If you think this is unsafe, make no mistake. PHP is unsafe by definition. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now