Home
Backend Development
PHP Tutorial
PHP prevents repeated submission of problems summary_PHP tutorial
Backend Development
PHP Tutorial
PHP prevents repeated submission of problems summary_PHP tutorial
PHP prevents repeated submission of problems summary_PHP tutorial
php
refresh
reason
Summarize
malicious
submit
hour
user
of
Internet speed
Web page
form
repeat
question
prevent
When the user submits the form, the same record may be repeatedly inserted into the database due to network speed or the web page is maliciously refreshed. This is a relatively thorny problem. We can start from the client and server side together to try to avoid repeated submission of the same form.
1. Use client script
When it comes to client-side scripts, JavaScript is often used for general input validation. In the following example, we use it to handle the repeated submission of the form, please see the following code:
When the user clicks the "Submit" button, the button will become gray and unavailable, as shown in Figure 5-6.
In the above example, the OnClick event is used to detect the user's submission status. If the "Submit" button is clicked, the button is immediately disabled and the user cannot click the button to submit again.
There is another method, which also uses the function of JavaScript, but uses the OnSubmit() method. If the form has been submitted once, a dialog box will pop up immediately. The code is as follows:
In the above example, if the user has clicked the "Submit" button, the script will automatically record the current status and increase the submitcount variable by 1. When the user attempts to submit again, the script determines that the submitcount variable value is non-zero. Prompts the user that the form has been submitted to avoid repeated submission of the form.
2. Use cookies
Use Cookie to record the status of form submission. Based on its status, you can check whether the form has been submitted. Please see the following code:
if(isset($_POST['go'])){
setcookie("tempcookie","",time()+30);
header("Location:".$_SERVER[PHP_SELF]);
exit();
}
if(isset($_COOKIE["tempcookie"])){
setcookie("tempcookie","",0);
echo "You have already submitted the form";
}
?>
If the client disables cookies, this method will have no effect. Please note this. For a detailed introduction to Cookies, please refer to Chapter 10 "PHP Session Management".
3. Use Session processing
Using PHP’s Session function can also avoid repeated submission of forms. Session is saved on the server side. The Session variable can be changed while PHP is running. The next time you access this variable, you will get the newly assigned value. Therefore, you can use a Session variable to record the value submitted by the form. If it does not match, it is considered The user is submitting repeatedly, please see the following code:
session_start();
//Generate random numbers based on the current SESSION
$code = mt_rand(0,1000000);
$_SESSION['code'] = $code;
?>
Pass random numbers as hidden values on the page form, the code is as follows:
The PHP code on the receiving page is as follows:
session_start();
if(isset($_POST['originator'])) {
if($_POST['originator'] == $_SESSION['code']){
// Statement to process the form, omit
}else{
echo ‘Please do not refresh this page or submit the form repeatedly! ’;
}
}
?>
Regarding the content of Session, we will discuss it in detail in Chapter 10 "PHP Session Management". You can check this chapter directly, and then return to this section to continue reading.
4. Use header function to redirect
In addition to the above method, there is a simpler method, that is, when the user submits the form, the server side processes it and immediately redirects to other pages. The code is as follows.
if (isset($_POST['action']) && $_POST['action'] == 'submitted') {
//Process data, such as inserting data and immediately redirecting to other pages
header('location:submits_success.php');
}
In this way, even if the user uses the refresh key, it will not cause repeated submission of the form, because it has been redirected to a new page, and this page script no longer cares about any submitted data.
5.8.4 Handling of form expiration
During the development process, it often happens that a form error occurs and all the information filled in when returning to the page is lost. In order to support page bounce, the following two methods can be used to achieve this.
1. Use the header header to set the cache control header Cache-control.
header('Cache-control: private, must-revalidate'); //Support page bounce
2. Use the session_cache_limiter method.
session_cache_limiter('private, must-revalidate'); //To be written before the session_start method
The following code snippet can prevent the user from filling in the form and clicking the "Submit" button to return, and the content just filled in the form will not be cleared:
session_cache_limiter('nocache');
session_cache_limiter('private');
session_cache_limiter('public');
session_start();
//The following is the content of the form, so that when the user returns to the form, the filled-in content will not be cleared
Just paste this code at the top of the script you want to apply.
Cache-Control message header field description
Cache-Control specifies the caching mechanism that requests and responses follow. Setting Cache-Control in a request message or response message does not modify the caching process during the processing of another message.
The caching instructions in the request include no-cache, no-store, max-age, max-stale, min-fresh and only-if-cached. The instructions in the response message include public, private, no-cache, no -store, no-transform, must-revalidate, proxy-revalidate and max-age. The meaning of instructions in each message is shown in Table 5-3.
Caching directives
Say Ming
public
Indicates that the response can be cached in any cache
private
Indicates that the entire or partial response message for a single user cannot be processed by the shared cache. This allows the server to only describe part of the user's response message, which is invalid for other user requests
no-cache
Indicates that the request or response message cannot be cached
no-store
Used to prevent important information from being released unintentionally. Sending in the request message will cause both the request and response messages to not use caching
max-age
Indicates that the client can receive responses with a lifetime no greater than the specified time in seconds
min-fresh
Indicates that the client can receive responses with a response time less than the current time plus the specified time
max-stale
Indicates that the client can receive response messages beyond the timeout period. If the value of max-stale message is specified, then the client can receive response messages that exceed the specified value of the timeout period
For an introduction to Session and Cookies, please refer to Chapter 10 "PHP Session Management" for details.
5.8.5 Techniques for judging form actions
The form can allocate the actions that should be processed through the same program. There are different logics in the form. How to determine the content of the button pressed by the user is just a small problem.
In fact, you only need to know the name of the submit button. When the form is submitted, only the button of the submit type that is pressed will be sent to the form array, so you can know the user by just judging the value of the button. Which button to press, take the following form as an example:
When the user presses the "a" button, btn=a, and presses the "b" button, then btn=b.
You can also judge by the name of the submit button, please see the following code:
In this way, as long as there is a or b in the POST/GET parameter, you can know which button is pressed.
print_r($_POST);
?>
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks ago
By 尊渡假赌尊渡假赌尊渡假赌
How Long Does It Take To Beat Split Fiction?
3 weeks ago
By DDD
R.E.P.O. Save File Location: Where Is It & How to Protect It?
3 weeks ago
By DDD
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
CakePHP Project Configuration
Sep 10, 2024 pm 05:25 PM
In this chapter, we will understand the Environment Variables, General Configuration, Database Configuration and Email Configuration in CakePHP.
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
CakePHP Date and Time
Sep 10, 2024 pm 05:27 PM
To work with date and time in cakephp4, we are going to make use of the available FrozenTime class.
CakePHP File upload
Sep 10, 2024 pm 05:27 PM
To work on file upload we are going to use the form helper. Here, is an example for file upload.
CakePHP Routing
Sep 10, 2024 pm 05:25 PM
In this chapter, we are going to learn the following topics related to routing ?
Discuss CakePHP
Sep 10, 2024 pm 05:28 PM
CakePHP is an open-source framework for PHP. It is intended to make developing, deploying and maintaining applications much easier. CakePHP is based on a MVC-like architecture that is both powerful and easy to grasp. Models, Views, and Controllers gu
How To Set Up Visual Studio Code (VS Code) for PHP Development
Dec 20, 2024 am 11:31 AM
Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c
CakePHP Creating Validators
Sep 10, 2024 pm 05:26 PM
Validator can be created by adding the following two lines in the controller.
