PHP method to solve and avoid repeated form submission

When submitting a form in PHP, the page may suddenly load slowly due to network speed, etc. If the user repeatedly clicks the submit button, multiple pieces of data will be generated in the database, resulting in an uncontrollable situation. So how to avoid and solve this problem? Let’s take a look below.

Preface

Why should we avoid repeated submission of forms? Because we don’t want our server to repeatedly process unnecessary data, and we also avoid our database from generating duplicate data. Avoiding repeated submission of forms is also a way to make our website safer.

Let’s first take a look at the circumstances that may lead to repeated submission of forms. Knowing the circumstances under which repeated submission of forms may occur can help you deal with the situation of repeated submission of forms from the root cause.

The following situations will cause the form to be submitted repeatedly:

Click the submit button twice.

Click the refresh button.

Use the browser back button to repeat the previous operation, resulting in repeated submission of the form.

Use browser history to submit forms repeatedly.

Repeated HTTP requests by the browser.

The webpage was maliciously refreshed.

The following are several solutions:

1: Use js to set the button to turn gray when clicked

<form name=form1 method=”POST” action=”/” target=_blank>

<p>

<input type=”text” name=”T1″ size=”20″>

<input type=”button” value=”提交” onclick=”javascript:{this.disabled=true;document.form1.submit();}”>

</p>

</form>

After clicking the button, it turns gray and cannot be clicked. If the user needs to submit the form again, he must refresh the page and refill the data before submitting.

Two: Use session

to put a special mark in session. When the form page is requested, a special character string is generated, stored in session, and placed in the hidden field of the form. When accepting and processing form data, check whether the identification string exists, immediately delete it from the session, and then process the data normally.

If it is found that there is no valid flag string in the form submission, it means that the form has been submitted and the submission is ignored.

This gives your web application a more advanced XSRF protection

When loading the submitted page, a random number is generated,

$code = mt_rand(0,1000000);

is stored in the hidden input box of the form:

< input type=”hidden” name=”code ” value=””>

The PHP code on the receiving page is as follows:

<?php

session_start();

if(isset($_POST[‘code&#39;])) {

if($_POST[‘code&#39;] == $_SESSION[‘code&#39;]){

// 重复提交表单了

}else{

$_SESSION[‘code&#39;] =$_POST[‘code&#39;]; //存储code

}

}?>

## Three: Using cookies

session, but cookies Once the user's browser disables cookies, this function will be invalid

if(isset($_POST[‘submit'])){

setcookie(“tempcookie”,””,time()+30);

header(“Location:”.$_SERVER[PHP_SELF]);exit();

}

if(isset($_COOKIE[“tempcookie”])){

setcookie(“tempcookie”,””,0);echo “您已经提交过表单”;

}

Four: Use header function to jump

if (isset($_POST[‘submit'])) {

header(‘location:success.php');//处理数据后，转向到其他页面

}

Five: Use the database to add constraints

Six: Post/Redirect/Get mode.

Post-Redirect-Get (PRG) mode. In short, when the user submits the form, you perform a client-side redirection and go to the submission success information page.

if (isset($_POST[‘action']) && $_POST[‘action'] == ‘submitted') {

//处理数据，如插入数据后，立即转向到其他页面

header('location:submits_success.php');

}

Summary

Login, registration and password modification functions implemented in PHP

PHP Detailed explanation of anonymous functions and precautions

Usage of call_user_func_array callback function in PHP

The above is the detailed content of PHP method to solve and avoid repeated form submission. For more information, please follow other related articles on the PHP Chinese website!