PHP prevents repeated submission of problems summary_PHP tutorial

When the user submits the form, the same record may be repeatedly inserted into the database due to network speed or the web page is maliciously refreshed. This is a relatively thorny problem. We can start from the client and server side together to try to avoid repeated submission of the same form.​

1． Use client script

When it comes to client-side scripts, JavaScript is often used for general input validation. In the following example, we use it to handle the repeated submission of the form, please see the following code:

When the user clicks the "Submit" button, the button will become gray and unavailable, as shown in Figure 5-6.

In the above example, the OnClick event is used to detect the user's submission status. If the "Submit" button is clicked, the button is immediately disabled and the user cannot click the button to submit again.

There is another method, which also uses the function of JavaScript, but uses the OnSubmit() method. If the form has been submitted once, a dialog box will pop up immediately. The code is as follows:

In the above example, if the user has clicked the "Submit" button, the script will automatically record the current status and increase the submitcount variable by 1. When the user attempts to submit again, the script determines that the submitcount variable value is non-zero. Prompts the user that the form has been submitted to avoid repeated submission of the form.

2． Use cookies

Use Cookie to record the status of form submission. Based on its status, you can check whether the form has been submitted. Please see the following code:

if(isset($_POST['go'])){

setcookie("tempcookie","",time()+30);

header("Location:".$_SERVER[PHP_SELF]);

exit();

}

if(isset($_COOKIE["tempcookie"])){

setcookie("tempcookie","",0);

echo "You have already submitted the form";

}

?>

If the client disables cookies, this method will have no effect. Please note this. For a detailed introduction to Cookies, please refer to Chapter 10 "PHP Session Management".

3． Use Session processing

Using PHP’s Session function can also avoid repeated submission of forms. Session is saved on the server side. The Session variable can be changed while PHP is running. The next time you access this variable, you will get the newly assigned value. Therefore, you can use a Session variable to record the value submitted by the form. If it does not match, it is considered The user is submitting repeatedly, please see the following code:

session_start();

//Generate random numbers based on the current SESSION

$code = mt_rand(0,1000000);

$_SESSION['code'] = $code;

?>

Pass random numbers as hidden values ​​on the page form, the code is as follows:

The PHP code on the receiving page is as follows:

session_start();

if(isset($_POST['originator'])) {

if($_POST['originator'] == $_SESSION['code']){

// Statement to process the form, omit

}else{

echo ‘Please do not refresh this page or submit the form repeatedly! ’;

}

}

?>

Regarding the content of Session, we will discuss it in detail in Chapter 10 "PHP Session Management". You can check this chapter directly, and then return to this section to continue reading.

4． Use header function to redirect

In addition to the above method, there is a simpler method, that is, when the user submits the form, the server side processes it and immediately redirects to other pages. The code is as follows.

if (isset($_POST['action']) && $_POST['action'] == 'submitted') {

//Process data, such as inserting data and immediately redirecting to other pages

header('location:submits_success.php');

}

In this way, even if the user uses the refresh key, it will not cause repeated submission of the form, because it has been redirected to a new page, and this page script no longer cares about any submitted data.

5.8.4 Handling of form expiration

During the development process, it often happens that a form error occurs and all the information filled in when returning to the page is lost. In order to support page bounce, the following two methods can be used to achieve this.

1． Use the header header to set the cache control header Cache-control.

header('Cache-control: private, must-revalidate'); //Support page bounce

2． Use the session_cache_limiter method.

session_cache_limiter('private, must-revalidate'); //To be written before the session_start method

The following code snippet can prevent the user from filling in the form and clicking the "Submit" button to return, and the content just filled in the form will not be cleared:

session_cache_limiter('nocache');

session_cache_limiter('private');

session_cache_limiter('public');

session_start();

//The following is the content of the form, so that when the user returns to the form, the filled-in content will not be cleared

Just paste this code at the top of the script you want to apply.

Cache-Control message header field description

Cache-Control specifies the caching mechanism that requests and responses follow. Setting Cache-Control in a request message or response message does not modify the caching process during the processing of another message.

The caching instructions in the request include no-cache, no-store, max-age, max-stale, min-fresh and only-if-cached. The instructions in the response message include public, private, no-cache, no -store, no-transform, must-revalidate, proxy-revalidate and max-age. The meaning of instructions in each message is shown in Table 5-3.

Caching directives

Say Ming

public

Indicates that the response can be cached in any cache

private

Indicates that the entire or partial response message for a single user cannot be processed by the shared cache. This allows the server to only describe part of the user's response message, which is invalid for other user requests

no-cache

Indicates that the request or response message cannot be cached

no-store

Used to prevent important information from being released unintentionally. Sending in the request message will cause both the request and response messages to not use caching

max-age

Indicates that the client can receive responses with a lifetime no greater than the specified time in seconds

min-fresh

Indicates that the client can receive responses with a response time less than the current time plus the specified time

max-stale

Indicates that the client can receive response messages beyond the timeout period. If the value of max-stale message is specified, then the client can receive response messages that exceed the specified value of the timeout period

For an introduction to Session and Cookies, please refer to Chapter 10 "PHP Session Management" for details.

5.8.5 Techniques for judging form actions

The form can allocate the actions that should be processed through the same program. There are different logics in the form. How to determine the content of the button pressed by the user is just a small problem.

In fact, you only need to know the name of the submit button. When the form is submitted, only the button of the submit type that is pressed will be sent to the form array, so you can know the user by just judging the value of the button. Which button to press, take the following form as an example:

When the user presses the "a" button, btn=a, and presses the "b" button, then btn=b.

You can also judge by the name of the submit button, please see the following code:

In this way, as long as there is a or b in the POST/GET parameter, you can know which button is pressed.

print_r($_POST);

?>

http://www.bkjia.com/PHPjc/477665.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/477665.htmlTechArticleWhen the user submits the form, it may be due to network speed or the webpage is maliciously refreshed, causing the same record to be repeatedly inserted into In the database, this is a more difficult problem. We can start from...

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Show More

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

3 weeks ago By DDD

Saving in R.E.P.O. Explained (And Save Files)

1 months ago By 尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

4 weeks ago By DDD

Show More

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Show More

Hot Topics

Where is the login entrance for gmail email?

7563

15

CakePHP Tutorial

1385

52

What is the format of the account name of steam

84

11

win11 activation key permanent

61

19

nyt connections hints and answers

28

99

Show More

Related knowledge

PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian Dec 24, 2024 pm 04:42 PM

PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati

How To Set Up Visual Studio Code (VS Code) for PHP Development Dec 20, 2024 am 11:31 AM

Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c

7 PHP Functions I Regret I Didn't Know Before Nov 13, 2024 am 09:42 AM

If you are an experienced PHP developer, you might have the feeling that you’ve been there and done that already.You have developed a significant number of applications, debugged millions of lines of code, and tweaked a bunch of scripts to achieve op

How do you parse and process HTML/XML in PHP? Feb 07, 2025 am 11:57 AM

This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an

Explain JSON Web Tokens (JWT) and their use case in PHP APIs. Apr 05, 2025 am 12:04 AM

JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,

PHP Program to Count Vowels in a String Feb 07, 2025 pm 12:12 PM

A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total

Explain late static binding in PHP (static::). Apr 03, 2025 am 12:04 AM

Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.

What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases? Apr 03, 2025 am 12:03 AM

What are the magic methods of PHP? PHP's magic methods include: 1.\_\_construct, used to initialize objects; 2.\_\_destruct, used to clean up resources; 3.\_\_call, handle non-existent method calls; 4.\_\_get, implement dynamic attribute access; 5.\_\_set, implement dynamic attribute settings. These methods are automatically called in certain situations, improving code flexibility and efficiency.

See all articles