ThinkPHP tips on how to prevent repeated form submissions

Why are there pitfalls of duplicate forms?

During development, if a New or modified forms, after completing database operations in the background, we set whether to jump to other pages or return to this page. At this time, click the browser's back button and then Submitting or refreshing the page will cause form form to be submitted repeatedly, that is, this record will be added or modified twice.

The reason why the form is submitted repeatedly is: the first submission. The form will be cached into memory and will not disappear until the next time the page is submitted or the page is closed or redirected to another page. When the self-call returns, the data in the memory is still there, and the judgment in the page is submitted at this time. The code can still detect the submitted value, but it will produce the effect of repeated submission.

How to solve it? Summarizing the online solutions and your own tests, you can use the following methods:

Method 1

: The simplest: After the page is submitted, go to another page instead of this page. For example, if your page address is

http://yourdomain.com/User/Index/login

, then this The form

action

address of the page can be another processing address, such as

<form action="{:U(&#39;User/Index/check_login&#39;)}" method="post">

, which returns an error, or the user clicks the back

button

, and will still return to the previous address. , but this situation is not safe either. We also need to use method 2 to be safer together

Method 2

: After submitting the form, the submit button turns gray/hides the submit button This method is generally done in combination with method 1, using

JS

to dynamically monitor the user's click action, and dynamically set the button attribute to disabeled, which means it is gray and unavailable. The code is as follows. ：HTML:

<form action="{:U(&#39;User/Index/check_login&#39;)}" method="post">
   
   
   

JS:

$().ready(function(){
     $("#login_btn").on('click',function(){
            $(this).attr('disabled',true);
      });
});

After the combination of method 1 + method 2, basically more than 90% of repeated submission problems can be solved, but Da Liu here Let me talk about the third method, which is to solve this problem once and for all on the server side

Method 3

: Use the method of hiding random TOKEN values ​​to determine repeated submissions First, add the following method in the project's functions.php

//创建TOKEN
function createToken() {
   $code = chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) .       chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) . chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE));
   session('TOKEN', authcode($code));
}
//判断TOKEN
function checkToken($token) {
    if ($token == session('TOKEN')) {
       session('TOKEN', NULL);
       return TRUE;
    } else {
      return FALSE;
    }
}
/* 加密TOKEN */
function authcode($str) {
    $key = "YOURKEY";
    $str = substr(md5($str), 8, 10);
    return md5($key . $str);
}

Fill in the following HTML code in the form page form

HTML:

<input type="hidden" name="TOKEN" value="{:session(&#39;TOKEN&#39;)}" />

Call creatToken before the page is displayed () method generates a token, and uses checkToken() in the corresponding

controller

POST request to determine whether to submit it repeatedly

if(IS_POST)
{
$post_token = I('post.TOKEN');
  if(!checkToken($post_token)){
      $this->error('请不要重复提交页面',U('User/Index/login'));
  }
}

Basically, these three methods are combined By using it, you can solve the problem of repeated form submission in ThinkPHP development. Of course, some students said that you can use ThinkPHP's token ring mechanism, which is actually simpler. TP will generate a hidden field in the form by default, and then determine the hidden field. It only depends on whether the domain exists and whether it matches the value in the session. The principle is the same as method 3.

The above is the detailed content of ThinkPHP tips on how to prevent repeated form submissions. For more information, please follow other related articles on the PHP Chinese website!