Page 1 of 1

Preventing back button press and resubmitting

Posted: Wed Aug 22, 2007 1:48 am
by kkonline
Hi i am making a form which has name and code (captcha image) as fields to be entered. I have given a timeout of x so if the form is submitted after x secs then it will print timeout and also used a token verification..

The problem

If the user submits a data then processing is fine. But when he presses the back button of browser and submit again then the captcha image remains same. [but changes when the form is refreshed] So the user in this case submits the form presses back and then submits the form and floods my database with same data again and again. Is there a way so that when user presses back button then the captcha image refreshes. Or some other simple solution?

Posted: Wed Aug 22, 2007 2:21 am
by Christopher
Redirect to a completion page after the form is validated.

Posted: Wed Aug 22, 2007 2:36 am
by kkonline
arborint wrote:Redirect to a completion page after the form is validated.
How will this help in preventing from pressing back button and resubmitting the data?

Posted: Wed Aug 22, 2007 3:56 am
by CoderGoblin
The redirect actually replaces the the page url in the history. Effectly the original page does not exist so you cannot "back" to it.

How to redirect

Posted: Wed Aug 22, 2007 12:33 pm
by kkonline
CoderGoblin wrote:The redirect actually replaces the the page url in the history. Effectly the original page does not exist so you cannot "back" to it.
I understand that. Now i will have 3 pages
1> form page
2> processing
3> another page for url refreshing of browser

My doubt is to how to redirect from the processing page as i don't have any input field in that processing page so i cant post to refresh.php (say the 3rd page) .

How do i redirect to that refreshing page after processing?

Posted: Wed Aug 22, 2007 12:41 pm
by CoderGoblin
The form and form processing are normally done on the same page /within the same php script...

Code: Select all

<?php
   if (!empty($_POST['checkform'])) { // or whatever
       // Validate entries and set something like $valid=1 or an error message
       if ($valid) {
         header('Location: http://mysite.com/nextpage.php');
         exit;
       }
   }
   // Get what you need for output
   // Output including form unless you have it below the end of the php block.
?>
Makes processing and maintenance easier than having 1 form and one processing page. Consider that this way you know what errors there are and can adjust the form accordingly.

There is nothing stopping you from redirecting to the same page. All that will happen is that the $_POST array will be empty.

Posted: Wed Aug 22, 2007 1:08 pm
by kkonline

Code: Select all

if(! $fault){
echo "received the content";
         header('Location: http://ieeevit.org/form/index.php');
         exit;
}
I want to show the message that we have received the data and then redirect to the original form.

The above code gives only the echo part and no redirect
and if i echo after redirect then the message is not shown but directly redirected. Any solution ?

Posted: Wed Aug 22, 2007 1:24 pm
by GloriousEremite
I can think of two options. Either use a query string in the location (e.g., index.php?success=1) and then use some php to output a message if the value is set, or redirect to a different page, which will handle the redirect (through meta redirect or javascript I guess).

Posted: Wed Aug 22, 2007 3:26 pm
by superdezign
I think a timed meta refresh should do the trick.

Posted: Thu Aug 23, 2007 12:53 am
by Kieran Huggins
You could also give each form a hidden field with the value of the current timestamp (or something), then store that value in a session array. If a duplicate comes up: "Sorry, you can only submit this form once "