How to prevent page refresh in php
This article mainly introduces how to prevent page refreshes repeatedly in PHP. Interested friends can refer to it. I hope it will be helpful to everyone.
How to prevent the page from being refreshed repeatedly can be easily achieved by using session in the PHP environment.
b.php code
<?php
//只能通过post方式访问
if ($_SERVER['REQUEST_METHOD'] == 'GET')
{header('HTTP/1.1 404 Not Found'); die('亲,页面不存在');}
session_start();
$fs1=$_POST['a'];
$fs2=$_POST['b'];
//防刷新时间,单位为秒
$allowTime = 30;
//读取访客ip,以便于针对ip限制刷新
/*获取真实ip开始*/
if ( ! function_exists('GetIP'))
{
function GetIP()
{
static $ip = NULL;
if ($ip !== NULL)
{
return $ip;
}
if (isset($_SERVER))
{
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
/* 取X-Forwarded-For中第x个非unknown的有效IP字符? */
foreach ($arr as $xip)
{
$xip = trim($xip);
if ($xip != 'unknown')
{
$ip = $xip;
break;
}
}
}
elseif (isset($_SERVER['HTTP_CLIENT_IP']))
{
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
else
{
if (isset($_SERVER['REMOTE_ADDR']))
{
$ip = $_SERVER['REMOTE_ADDR'];
}
else
{
$ip = '0.0.0.0';
}
}
}
else
{
if (getenv('HTTP_X_FORWARDED_FOR'))
{
$ip = getenv('HTTP_X_FORWARDED_FOR');
}
elseif (getenv('HTTP_CLIENT_IP'))
{
$ip = getenv('HTTP_CLIENT_IP');
}
else
{
$ip = getenv('REMOTE_ADDR');
}
}
preg_match("/[\d\.]{7,15}/", $ip, $onlineip);
$ip = ! empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
return $ip;
}
}
/*获取真实ip结束*/
$reip = GetIP();
//相关参数md5加密
$allowT = md5($reip.$fs1.$fs2);
if(!isset($_SESSION[$allowT])){
$_SESSION[$allowT] = time();
}
else if(time() - $_SESSION[$allowT]-->$allowTime){
$_SESSION[$allowT] = time();
}
//如果刷新过快,则直接给出404header头以及提示
else {header('HTTP/1.1 404 Not Found'); die('来自'.$ip.'的亲,您刷新过快了');}
?>The code is very simple. It is nothing more than encrypting the ip and the data submitted to the page that needs to be refreshed through POST, then writing it into the session through md5 encryption, and then passing The stored session is used to determine the refresh interval to determine whether to allow refresh. It should be noted that the two parameters "$fs1=$_POST['a'];" and "$fs1=$_POST['a'];" refer to the parameters that other pages submit to the page that needs to be refreshed through the post method. The reason why these parameters are added in addition to IP is to distinguish different post results. (In fact, the so-called anti-refresh is to prevent a certain page from being submitted repeatedly.)
More specifically, for example, if the above code is placed at the beginning of the b.php page, we have the following on the a.html page Form:
Code:
<!DOCTYPE> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>b.html</title> </head> <body> <form action="b.php" method="post" > <input type="hidden" id="a" name="a" value="a"/> <input type="hidden" id="b" name="b" value="b"/> <button name="" type="submit" >提交</button> </form> </body> </html>
You can see that the two parameters a and b submitted by this page are exactly the two parameters in b.php (actually it should be said the other way around, by Determined by the parameters of the submission page). In the previous PHP code, it has been determined that the page where the data is submitted can only be accessed through post, so directly entering the address will get a 404 header error page. The page can only be obtained through post. At the same time, when the post is refreshed, it will bring its own On the parameter address, this achieves the effect of preventing refresh of each IP on the same page.
In addition, we can add a referer to the page being posted to determine the source website to prevent cross-site submission. However, the referer can be forged, and firefox and ie8 often lose the referer inexplicably, so we will not add this for the time being. code.
Summary: The above is the entire content of this article, I hope it will be helpful to everyone's study.
Related recommendations:
PHP implements a method of forcing the specified callback type based on Callable
php method to solve and avoid repeated submission of form forms
PHP simple string filtering method example sharing
The above is the detailed content of How to prevent page refresh in php. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'?
Apr 01, 2025 am 07:21 AM
Alipay PHP...
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
Explain the concept of late static binding in PHP.
Mar 21, 2025 pm 01:33 PM
Article discusses late static binding (LSB) in PHP, introduced in PHP 5.3, allowing runtime resolution of static method calls for more flexible inheritance.Main issue: LSB vs. traditional polymorphism; LSB's practical applications and potential perfo
Framework Security Features: Protecting against vulnerabilities.
Mar 28, 2025 pm 05:11 PM
Article discusses essential security features in frameworks to protect against vulnerabilities, including input validation, authentication, and regular updates.
Customizing/Extending Frameworks: How to add custom functionality.
Mar 28, 2025 pm 05:12 PM
The article discusses adding custom functionality to frameworks, focusing on understanding architecture, identifying extension points, and best practices for integration and debugging.
How to send a POST request containing JSON data using PHP's cURL library?
Apr 01, 2025 pm 03:12 PM
Sending JSON data using PHP's cURL library In PHP development, it is often necessary to interact with external APIs. One of the common ways is to use cURL library to send POST�...
Describe the SOLID principles and how they apply to PHP development.
Apr 03, 2025 am 12:04 AM
The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.
What exactly is the non-blocking feature of ReactPHP? How to handle its blocking I/O operations?
Apr 01, 2025 pm 03:09 PM
An official introduction to the non-blocking feature of ReactPHP in-depth interpretation of ReactPHP's non-blocking feature has aroused many developers' questions: "ReactPHPisnon-blockingbydefault...
