Page 1 of 1

Back button re-executing script?

Posted: Tue Sep 13, 2005 4:25 pm
by tobyw_1969
I am no PHP expert, and I'm trying to implement a basic shopping cart. It works like this

productinfo.php ---- product info page with 'add to cart button'. This button then calls a hyperlink to the next page like so <a href='additem.php?id=<?php $id?>'>

additem.php --- this page then adds to a basket array based on the $id it receives. There is a link on this page to..

checkout.php -- this lists the current orders..

It's all working fine, but the problem I have is that if the user hits the back button from checkout.php, they arrive back at additem.php - which then re-executes, causing the item to be added to their basket again.

Is there some way I can prevent this from happening? Like some way to 'kill' the page once it's executed, and not have it run again when it is returned to with the back button? Or is it just a flaw of my process, and is there a better way to do this kind of thing?


Thanks for any help you can give me.

Posted: Tue Sep 13, 2005 5:10 pm
by tobyw_1969
Ok - I found a way to avoid this, by adding a random number to the URL, and pushing the random number into an array. Then I can check to see if that number has already been used, and die accordingly. Seems very complicated solution though - isn't there a better way?

Posted: Tue Sep 13, 2005 5:27 pm
by Ambush Commander
Do it the other way around. On all pages that could possibly add items to cart or execute post functions, issue a token to the user. The user sends that token along with the post data. Store the token in a database.

Once the post action is done, the token is invalidated, and any other requests that try to use the same token will throw an error.

Have a cron job remove tokens that are more than, say, 12 hours stale.