when a form is filled and send, if you refresh the page, its says that the form will send again. (submit the form again).
What is a good way to prevent this from happening? or kill this session?
any guidance in this?
thank you
After processing the POST informations, do a
header('Location: your_url');
exit();
You can use AJAX to send POST variables to server, so refreshing browser window problem will not be a problem.
If you keep displaying the form there is no reason to prevent this.
Otherwise - i.e. after the form has been submitted successfully - store any messages you need to display in your session and then redirect to whatever page you want to display. This ensures the user is moved away from the POSTed page.
Related
I have a submit button for logging into my PHP/MySQL system. However, I would like to able to log in and at the same time take the credentials and store them in indexedDB when the button is clicked, is there any way of achieving 2 actions at the same time. So far if I include my javascript code for submitting to indexedDB, the login does not work, and if I remove the code, the login works.
What you could do is have your form take you to your first page, then do both the actions with all the data send to your form.
With a simple HTML/PHP form, this is simple. Submit the form to a new PHP page using action="submit.php". Then do your indexedDB call on this page, and echo out a copy of the form, complete with the data (POST or GET), but with your login page as the newactionthen echo a` tag like so:
echo "<script>document.getElementById('myForm').submit();</script>";
Then it will login via your login page.
If you want to save data in IndexedDB before logging in the user:
You can achieve this by calling a javascript function onSubmit. And inside that function, you can hit a GET/POST URL to save data in Indexed DB.
OR if you want to perform this task on the server side then One way of doing this is: Upon successful login or while verifying user's credentials, you can call a function to save data in your indexedDB. This function could be sync or async.
onclick="doSomething();"
function doSomething(form){
// do something
// do something else
// Finally submit the form
form.submit();
return true;
}
seperate with two ;
onclick="doSomething();doSomethingElse();"
You're good to go!
The scoring software I am working on should submit and store date in a DB. However re- submitting an action is not allowed in this sport. So I want to disable the page back functionality to avoid re-submitting the same (or revised) data. Any php or javascript solution is welcome. I do realize the opinions posted that the page back function should not be disabled principally but in this case it would be very helpful however.
Use $_SESSION to avoid re-submitting: Set a session variable on submit and if it's set don't process a second submit.
However the user could remove browser cookies and re-submit. If your casuistic needs to prevent it too, store the submitting ip in the database.
PS: About refresh, use Post/Redirect/Get: https://en.wikipedia.org/wiki/Post/Redirect/Get
Short:
Is there a way to send POST data from a intermediate PHP page to another resultant page?
Long:
I have a page, let's say A.php where a form is present. The data is filled in the form, and send through POST to another page B.php
B.php checks the value and finds that the value entered is not correct (form validation). We redirect back to A.php with message "Invalid"
Right now I am sending data like this:
header("Location:A.php?msg=Invalid");
But I want to hide the msg part in URL from the user, by sending it in POST method or so.
I am not forced to use any particular method. This is just a project I am working on. So, please enlighten me.
So far I came to know that there is no way we can do that using header in PHP.
A better way to do this is to always post back to the same page. If there is an error you can then just display it without needing to redirect.
If there is no error then redirect to a results/response page.
The advantages of this are:
No need to send data that may be private through a redirect
If there was an error then refreshing the POST will continue to fail and will continue to only show the error message and allow the user to correct their mistake
If there was no error then the redirect will remove the POST operation and replace it with a new GET operation.
Refreshing the result page will not produce another POST operation, which might cause a problem with your data/database.
Example of what happens:
So first the browser sends a GET request for a.php.
On Form submission the browser sends a POST request for a.php.
If the code for a.php detects an error it just re-renders the same page with the form tags filled in with the POST values.
If the code for a.php does not detect an error then it does whatever it needs to do to save the data and then sends a redirect request for b.php.
The browser sends a GET request for b.php and removes the a.php from its history.
b.php displays some kind of thank you note or confirmation.
I have a 'contact us' html form and I'm giving gift for each member that click submit.
I want to make sure that a user doesn't submit twice (with different name and email).
I can disable the button after click, but what will be the best solution to prevent submit after page refresh?
Thanks
Is to directly redirect from your POST to a GET request or page. if he/she refreshed it will refresh the other page. this is named Redirect After Post and you can read more about it here and in WikiPedia
An Example can be found here.
Two things that you can do and you should do.
First disable the Submit button as soon as your client submits the form
with valid information in it. So that he/she accidently doesn't send
duplicate information in the form.
Second, which is more important. Is before you save this information in
your database whatever that is MySQL, MongoDB or etc. You perform a query
that checks whether the information provided by the user exists in your db
already or not. If not then proceed as you do but if it does you can do
error handling on the use case scenario as per your business logic.
<script>
if ( window.history.replaceState ) {
window.history.replaceState( null, null, window.location.href );
}
</script>
See https://stackoverflow.com/a/45656609/1066234
I know there are a lot of similar questions, but no solution worked for me.
I have index.php with a login form. When a user tries to login, then the login-datas are send to login.php this file checks if the username and password are valid.
If so, the file map.php shell be loaded.
The only working solution I found for this is:
header("Location: map.php");
But when the page is loaded the url is still ../login.php how can I change this?
Another problem is, if I go from pageB.php to pageA.php, doing some database changes, then redirecting from pageA.php back to pageB.php with header("Location: pageB.php"); then pageB.php is loading, but doesn't show the changed database entries, just the old ones. How can I force to reload the page for just ONE time (means no Refresh:X)?
Your question is a bit confusing but the best way to handle client redirection is using Javascript rather than the headers being sent back from PHP unless you are redirecting due to a 404, 403 etc.
For the login use case when the client provides their info fire off an ajax post event containing the form data. Process the data using PHP and send back a response to the Javascript. Based on the return message from PHP use the window.location API to redirect / refresh as needed.