如何防止 PHP 中的多重表單提交：綜合指南

Preventing Multiple Form Submissions in PHP: A Comprehensive Guide

Multiple form submissions can be a problem in web applications, leading to unintended consequences. This article will provide a detailed solution to prevent multiple submissions in PHP.

Solution Using Tokens

PHP offers a robust solution using unique tokens that can be generated and stored in session. Here's how to implement it:

1. Generate a Token: Use getToken() function to create a unique token that will be embedded in the form.
2. Validate Token: When the form is submitted, check the validity of the submitted token using isTokenValid($token) function. If the token is valid, remove it from the list of valid tokens to prevent reuse.
3. Display Form: Obtain a token for the current form using getToken() and include it as a hidden input in the form.

Code Example:

<?php
session_start();

function getToken(){
  $token = sha1(mt_rand());
  $_SESSION['tokens'][$token] = 1;
  return $token;
}

function isTokenValid($token){
  if(!empty($_SESSION['tokens'][$token])){
    unset($_SESSION['tokens'][$token]);
    return true;
  }
  return false;
}

$postedToken = filter_input(INPUT_POST, 'token');
if(!empty($postedToken) && isTokenValid($postedToken)){
  // Process Form
}

$token = getToken();
?>
<form method="post">
  <input type="hidden" name="token" value="<?php echo $token; ?>"/>
  <!-- Form Content -->
</form>

Redirects and Backward Compatibility

To maintain proper backward and forward navigation, it's recommended to implement a POST/redirect/GET pattern. This involves:

1. POST the form with the token.
2. Upon successful token validation, perform the desired actions and redirect the user to a new page.
3. Use a GET request for the redirected page to prevent the form from being resubmitted when the user clicks the "back" button.

By following these steps, you can effectively prevent multiple form submissions and ensure the integrity of your web application.

以上是如何防止 PHP 中的多重表單提交：綜合指南的詳細內容。更多資訊請關注PHP中文網其他相關文章！