Jump to content

Destroying variables in PHP


supertrucker
 Share

Recommended Posts

I created a php page that has a form that posts back to the same page, index.php. However, if someone clicks the browser reload button on the "Thank you for submitting!" page, the data is resubmitted. As long as they sit there and keep hitting reload, it will keep resubmitting. I tried the unset() function, but that doesn't actually clear the data from the browser bar that get's reloaded. I pass the data from the original form to the submit page using the "get" attribute. Would changing it to "post" deliver me from evil!? Simply putting a note, I'm afraid, on the web form that says "submit only once" is just asking for trouble! Help!Supertrucker :)

Link to comment
Share on other sites

You can transfer the data by using a session. Once the handler is done, end the script with session_destroy(); so the variables are unloaded from the server.On sessions: something is saved in a session using $_SESSION['variable']=$variable and loaded from the session using $variable=$_SESSION['variable']; (if you want to know more, look it up)Also, in the 'thank you for submitting' page you can also put this in the head of that page:

<meta http-equiv="refresh" content="3; url=http://www.yoursite.org/index.html">

This is a fairly common autoforward command in which 'content' represents the delay time before refreshing to the new page.

Link to comment
Share on other sites

Thank you! I forgot about the refresh method! I'm kind of learning PHP here on-the-fly, so still I'm trying to get the kinks out! I will also look into the session function. Thank you,Supertrucker :)

Link to comment
Share on other sites

You're me, eight months ago. No better way than trial&error. I'm fairly new at php too (as in 'no guru').Good luck.
Thanks, I need it! Now I need to figure out how to create a script that will allow only specific users to logon for administrative functions.
Link to comment
Share on other sites

that's not too hard; have a user log in on a certain link (that is not seen on te webpage), check the database for the number of rows that contain the combination of username and password (usually 1) and if the login is valid have a session created (if (mysql_num_rows == '1') { $admin = 'valid'; $_SESSION['admin'] = $admin; }You can restrict parts of the script by statingif ($_SESSION['admin'] == 'valid') { display admin menu or function }Each admin script needs to check for the session as well. You can also set a cookie, since sessions usually expire after ten minutes.If you think this is unsafe, make no mistake. PHP is unsafe by definition.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...