PHP利用session与cookies防重复提交实例
在网页开发中防止重复提交是一个比较实用并且也常用碰到的问题了,除了我们可以直接在数据库查询用户是否提交相同数据进行过滤外,我们还可以在用户提交数据时就防止这类事情发现,下面我来介绍基于session与cookies防重复提交一些基于实现方法。
防止刷新或再交提交
所以就考虑增加一个参数来防止这类情况的发生,COOKIE和SESSION可供选择,不过 COOKIE是客户端的,如果人家禁用COOKIE的话,照样可以恶意刷新点击数。还是用SESSION的好,IP+URL参数的MD5值做 SESSION名
实现原理 设置 max_reloadtime =100; //设置页面刷新最长间隔时间
用户第一次打开页面 记录当前的时间保存在 session_start
用户第二次打开页面(判断 session_start是否存在) 用当前时间和 session_start 相减 得到差值 time_passed
当 time_passed
<?php
session_start();
$k = $_GET['k'];
$t = $_GET['t'];
//防刷新时间
$allowTime = 1800;
$ip = get_client_ip();
$allowT = md5($ip . $k . $t);
if (!isset($_SESSION[$allowT])) {
$refresh = true;
$_SESSION[$allowT] = time();
} elseif (time() - $_SESSION[$allowT] > $allowTime) {
$refresh = true;
$_SESSION[$allowT] = time();
} else {
$refresh = false;
}
?>防表单重复提交
<?php
/* 改进版
PHP防止用户刷新页面(Refresh or Reload),重复提交表单内容。
由于表单变量的内容由$_POST['name']引用,也许在处理完表单后,直接将$_POST['name']销毁(unset())即可。其实不然。可能由于页面默认对表单内容进行了缓存,所以,即使销毁了$_POST['name'],刷新后,$_POST['name']还是会被赋值,一样有效。
可利用Session解决。首先给Session赋个值,比如400,第一次提交成功后改变Session的值,当第二次提交时去检查这个Session 的值,如果不是400,就不再处理表单中的数据。
可设置Session的有效时间?
*/
if (isset($_POST['action']) && $_POST['action'] == 'submitted') {
session_start();
isset($_SESSION['num']) or die("no session");
if ($_SESSION['num'] == 400) {
print '<pre class="brush:php;toolbar:false">';
print_r($_POST);
print '<a href="' . $_SERVER['PHP_SELF'] . '">Please try again</a>';
print '';
print_r($_POST);
echo "However you have submitted";
print '例,一个基于smarty演示版
<?php
$code = mt_rand(0, 1000000);
setcookie('addtips', $code, time() + 300);
if (isset($_POST['submit'])) {
if ($_COOKIE['addtips'] != $_POST['code']) {
echo "请不要刷新本页面或重复提交表单";
exit();
}
}
$smarty->assign('code', $code);
?>10./////防止表单重复提交
在tpl模板中
1.
<?php
/*利用PHP的Session功能,也能避免PHP表单重复提交。Session保存在服务器端,在PHP运行过程中可以改变Session变量,下次访问这个变量时,得到的是新赋的值,所以,可以用一个Session变量记录表单提交的值,如果不匹配,则认为是用户在重复提交
*/
session_start(); //根据当前SESSION生成随机数
$code = mt_rand(0, 1000000);
$_SESSION['code'] = $code;
//在表单中隐藏传递:
< inputtype = "hidden"name = "originator"value = "< ?=$code?>" >
//在接收页代码如下:
session_start();
if (isset($_POST['originator'])) {
if ($_POST['originator'] == $_SESSION['code']) {
// 处理该表单的语句,省略
} else {
echo '请不要刷新本页面或
重复提交表单!';
}
}
?>永久链接:
转载随意!带上文章地址吧。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1376
52
Asynchronous processing method of Select Channels Go concurrent programming using golang
Sep 28, 2023 pm 05:27 PM
Asynchronous processing method of SelectChannelsGo concurrent programming using golang Introduction: Concurrent programming is an important area in modern software development, which can effectively improve the performance and responsiveness of applications. In the Go language, concurrent programming can be implemented simply and efficiently using Channels and Select statements. This article will introduce how to use golang for asynchronous processing methods of SelectChannelsGo concurrent programming, and provide specific
How to hide the select element in jquery
Aug 15, 2023 pm 01:56 PM
How to hide the select element in jquery: 1. hide() method, introduce the jQuery library into the HTML page, you can use different selectors to hide the select element, the ID selector replaces the selectId with the ID of the select element you actually use; 2. css() method, use the ID selector to select the select element that needs to be hidden, use the css() method to set the display attribute to none, and replace selectId with the ID of the select element.
How to implement change event binding of select elements in jQuery
Feb 23, 2024 pm 01:12 PM
jQuery is a popular JavaScript library that can be used to simplify DOM manipulation, event handling, animation effects, etc. In web development, we often encounter situations where we need to change event binding on select elements. This article will introduce how to use jQuery to bind select element change events, and provide specific code examples. First, we need to create a dropdown menu with options using labels:
What is the reason why Linux uses select?
May 19, 2023 pm 03:07 PM
Because select allows developers to wait for multiple file buffers at the same time, it can reduce IO waiting time and improve the IO efficiency of the process. The select() function is an IO multiplexing function that allows the program to monitor multiple file descriptors and wait for one or more of the monitored file descriptors to become "ready"; the so-called "ready" state is Refers to: the file descriptor is no longer blocked and can be used for certain types of IO operations, including readable, writable, and exceptions. select is a computer function located in the header file #include. This function is used to monitor file descriptor changes—reading, writing, or exceptions. 1. Introduction to the select function. The select function is an IO multiplexing function.
How to use the select syntax of mysql
Jun 01, 2023 pm 07:37 PM
1. Keywords in SQL statements are not case-sensitive. SELECT is equivalent to SELECT, and FROM is equivalent to from. 2. To select all columns from the users table, you can use the symbol * to replace the column name. Syntax--this is a comment--query out [all] data from the [table] specified by FEOM. * means [all columns] SELECT*FROM--query out the specified data from the specified [table] from FROM Data of column name (field) SELECT column name FROM table name instance--Note: Use English commas to separate multiple columns selectusername, passwordfrom
Implement Select Channels Go concurrent programming performance optimization through golang
Sep 27, 2023 pm 01:09 PM
Implementing SelectChannels through golang Performance optimization of Go concurrent programming In the Go language, it is very common to use goroutine and channel to implement concurrent programming. When dealing with multiple channels, we usually use select statements for multiplexing. However, in the case of large-scale concurrency, using select statements may cause performance degradation. In this article, we will introduce some implementations of select through golang
Select Channels Go concurrent programming for reliability and robustness using golang
Sep 28, 2023 pm 05:37 PM
SelectChannels for Reliability and Robustness Using Golang Introduction to Concurrent Programming: In modern software development, concurrency has become a very important topic. Using concurrent programming can make programs more responsive, utilize computing resources more efficiently, and be better able to handle large-scale parallel computing tasks. Golang is a very powerful concurrent programming language. It provides a simple and effective way to implement concurrent programming through go coroutines and channel mechanisms.
How to use golang for Select Channels Go concurrent programming
Sep 27, 2023 pm 09:07 PM
How to use golang for SelectChannelsGo concurrent programming Go language is a language that is very suitable for concurrent programming, in which the channel (Channel) and the Select statement are two important elements to achieve concurrency. This article will introduce how to use golang's SelectChannels for concurrent programming and provide specific code examples. 1. The concept of channel Channel is used for communication and data between goroutines
