10-30-2009, 07:38 AM
i'm new to PHP world.
i create online test pages.when u submit it,it work properly.
If you click the back button of browser you can submit this
information again to mysql.
i think,this should not happened.
The page must be expire when i click back button of browser.
so,what should i do?
10-30-2009, 08:32 AM
Are you using the POST method on you're form?
Sounds to me like its using the GET method on you're form, in which case you don't even need to go through the form in order to submit the data. Otherwise, it should warn about the resubmission of data. To block this from happening all together, you can header redirect to bounce off invalid access or use sessions or tokens to determine if the data was already submitted.
10-30-2009, 05:20 PM
sorry. i'm not getting what u say.
i'm using "post" method.
how can i expire the submitted page using session.
10-31-2009, 02:11 AM
Using a session, you set a value indicating that a particular form is going to be submitted, then when submitted you clear or remove the value.
$_SESSION['frmPostReply'] = true;
<form method="get" action="postReply.php">
<!-- Some fields -->
if (!isset($_SESSION['frmPostReply']) || !$_SESSION['frmPostReply'])
print 'Please use the form.';
// Or you can header('Location: http://yoursite.com/yourform.php');
$_SESSION['frmPostReply'] = false;
// Do you're stuff.
The easier solution is to change you're get action to post action, this will prompt the user. They can still submit again, but you can still use sessions or access token techniques to handle those.
This article has a simple access token technique: http://www.phpro.org/tutorials/Preventing-Multiple-Submits.html
10-31-2009, 09:24 AM
I have done it.
Thank you very much.