Page 1 of 1

To prevent reposting of data by the user in the front-end

Posted: Thu Aug 02, 2007 5:10 am
by dream2rule
Hello All,

I am performing some action (insertion, deletion, etc). Each time i refresh the page, i get a pop-up message asking whether to post data or not.

What can i do to prevent this?

Are there any functions in PHP or MySQL to prevent this?

Thanks and Regards,
Dream2rule

Posted: Thu Aug 02, 2007 5:22 am
by dude81
this is mostly handled by client-side programming, one uses Javascript controls or functions.

Posted: Thu Aug 02, 2007 5:49 am
by dream2rule
any functions/methods in PHP or MySQL that could prevent re-posting of data by the same user again and again?

Posted: Thu Aug 02, 2007 6:15 am
by timvw
You can't stop the user from posting the same data over and over again.. (At best you can hope that the user-agent accepts headers to set the cache validity to sometime in the past)



What you could do is add a version number fo the post data... This way, you can verify is the data is still up to date, and accept the posted data... Or reject it... (I usually do this by adding a form + number in the user's session.. And each time i process a form, i verify if the number still exists... )

Posted: Thu Aug 02, 2007 6:45 am
by phpdevuk
I normally use a header redirect to take the user back to the form or index page after processing all the data. This eliminates the refresh-insert problem, also the back button will still ask a user if they want to re-post their data.

put this after you have done everything on your insert page

Code: Select all

header("location: finished-page.php");
exit();
obviously replacing finished-page.php with one of your choice.

Posted: Sat Aug 04, 2007 8:46 am
by feyd
Repeat the following ad nauseam: header() based redirection must use a full URL, "http://" and all, to be standards compliant.

Posted: Sat Aug 04, 2007 11:05 am
by davitf
1) Assign a randon number to your form as an input hidden field

2) Check if the number is already stored in a session var after submit

Posted: Sat Aug 04, 2007 11:26 am
by superdezign
phpdevuk wrote:I normally use a header redirect to take the user back to the form or index page after processing all the data. This eliminates the refresh-insert problem, also the back button will still ask a user if they want to re-post their data.
If you post to the same page, upon successful processing of the posted variables, you can simply redirect to the same page. Posted data is actually a PART OF the page being posted to, so if you redirect to the same URL, they will still be on the same physical page, but minus the posted variables. And header redirection "replaces" the current page request, so there's no worries with the back button.

Code: Select all

header('Location: ' . $_SERVER['REQUEST_URI']);