Page 1 of 1

Session Variables Showing After Destroy and Back Button

Posted: Mon Apr 04, 2011 2:58 pm
by phpsupernova
Problem:
limit users from clicking the back button to re-submit session data to a MySQL database.

My attempted solution:
Destroy session so session variables will not fill form when back button is pressed. Unfortunately, my solution does not work because even after I've destroyed the session, variables are still filling a form on a previous page when the back button is clicked.

Background:
I have a three page process that uses a form page. a preview page, and a thank you page, for submitting information into a MySQL database. The form page posts all entries to $_SESSION variables. The preview page displays $_SESSION variables. From the preview page the user can submit the previewed information to the MySQL database. After the submission is completed a thank you page is presented. The thank you page includes a php session destroy.

By using variable checking, I'm able to keep a simple refresh of the thank you page from adding redundant entries into the database. However, if the user simply hits the back button in the browser, the $_SESSION variables are still filling the preview page. At which point they can simply click the submit button to add another database entry. My goal is to make it a little more difficult for a user to add another database entry.

Apparently php session destory is not a good solution because the $_SESSION variables are cached or something. What is the best way to attack this?

A back button redirect to the website homepage from thank you page would be a good solution. But I don't know of a way to implement this.

Re: Session Variables Showing After Destroy and Back Button

Posted: Mon Apr 04, 2011 3:26 pm
by cpetercarter
Instead of trying to destroy the session, why not add a new session variable to flag that the data has been sent to the database.Your script would check to see whether this flag was set, before adding a new database row. This would effectively prevent your users from submitting more than one set of data per session.

Re: Session Variables Showing After Destroy and Back Button

Posted: Mon Apr 04, 2011 7:10 pm
by phpsupernova
cpetercarter, your idea sounds much better than mine. I just have to figure out how to do what you said, but I like the end result you described. Thanks.

Re: Session Variables Showing After Destroy and Back Button

Posted: Mon Apr 04, 2011 7:35 pm
by phpsupernova
cpetercarter, your advice appears to be working perfectly. Thanks again!