...

View Full Version : preventing form re-submission on refresh



eberdome
12-19-2010, 10:08 AM
hey there,

I'm new to the forums and was curious if someone could help me. i have a simple database driven login script that produces errors if the user enters the wrong credentials, now if a user did that and decided to refresh the page that pesky pop-up box comes up asking for confirmation of re-submission. is there anyway that the page refreshes normally regardless? thx

Common
12-19-2010, 10:24 AM
Do you mean you're using javascript alerts as the error message? There's lots of ways to do this, it just depends on your code.

I'm imagining you have a small login box on your main page or something? There's no reason that any of the code related to someone clicking "login" should be running when the page loads normally.

It's hard to imagine what your code will be like, but if the situation is as above you should probably process the login with a different php file or use an id. So, hitting login submits the forum to index.php?id=processlogin. Then at the top of the page use an if statement such as

if($_GET[id] == "processlogin" && $_POST[username] != ""){

This would check that you wanted to process the login and that the fields were filled out, which they won't be unless the persons actually trying to login.

Anyway, like I said, hard to know your exact situation but hopefully something in there will give you an idea.

adarshakb
12-19-2010, 11:43 AM
The best way is as Common said to have the login script running separately in another page and submit the variables there... and Use that to redirect in the server side the user back to your required page based on what the input was using the header("Location: ".$YOUR_URL); function of php

mlseim
12-19-2010, 12:20 PM
You can also use PHP SESSION.
On the very beginning of the script that processes the form, create a SESSION:

<?php
session_start();
$_SESSION['form']="submitted";


Then, at the top of your form page, check for that session,
and if it exists, kick them out of that page.

<?php
session_start();
if(isset($_SESSION['form'])){
header ("location: index.php");
}
?>

eberdome
12-19-2010, 07:49 PM
but the only thing is that the form processes on the same page. i end up not calling any action when i set up a form <form action="" method="post"> is how im doing this, all processes are on the same page. when i added your code i got as redirecting problem.

mlseim
12-19-2010, 08:16 PM
Post your script for us ... that might give us some ideas.

eberdome
12-20-2010, 05:00 AM
this is the code that i include at the top of the login page, which redirects to members.php if the right credentials are entered! thx again!

<?

ob_start();

session_start();




include_once "/home/rdewebde/public_html/includes/_config.php";



if(isset($_POST['login'])) {

$username= trim($_POST['username']);

$password = trim($_POST['password']);

if($username == NULL OR $password == NULL) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">Both fields are required to continue</span>";

}

else {

$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());

if(mysql_num_rows($check_user_data) == 0) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">These credentials do not exist</span>";

}

else {

$get_user_data = mysql_fetch_array($check_user_data);

if($get_user_data['password'] != $password) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">These credentials do not exist</span>";

}

else {

$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";

$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";

$final_report.= "<script type=\"text/javascript\">

$(document).ready(function() { $(\".successMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"successMsg\">Loading...</span><meta http-equiv=\"Refresh\" content=\"2; URL=http://www.gorillaonemedia.com/lounge/members.php\" />";

}
}
}
}



?>

adarshakb
12-20-2010, 08:45 AM
why dont you move your form processing to another separate page? That way it will be a lot of clutter free also you would have no redirect problems

mlseim
12-20-2010, 12:23 PM
I agree.

Form in one script,
the processing in another.

Since you are using SESSION, once the processing script
saves the form variables in SESSION's, you can move around
and never lose them.

eberdome
12-20-2010, 05:39 PM
so by looking at my code, what would I need to change and what do I need to add to my next page?

eberdome
12-29-2010, 12:00 AM
Can someone please help me modify this code so i can prevent form from re-submitting on refresh if error occurs? thanks

login.php


<?

ob_start();

session_start();




include_once "/home/rdewebde/public_html/includes/_config.php";



if(isset($_POST['login'])) {

$username= trim($_POST['username']);

$password = trim($_POST['password']);

if($username == NULL OR $password == NULL) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">Both fields are required to continue</span>";

}

else {

$check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());

if(mysql_num_rows($check_user_data) == 0) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">These credentials do not exist</span>";

}

else {

$get_user_data = mysql_fetch_array($check_user_data);

if($get_user_data['password'] != $password) {

$final_report.="<script type=\"text/javascript\">

$(document).ready(function() { $(\".errorMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"errorMsg\">These credentials do not exist</span>";

}

else {

$start_idsess = $_SESSION['username'] = "".$get_user_data['username']."";

$start_passsess = $_SESSION['password'] = "".$get_user_data['password']."";

$final_report.= "<script type=\"text/javascript\">

$(document).ready(function() { $(\".successMsg\").slideUp(0).delay(0).slideDown(200); });

</script>
<span class=\"successMsg\">Loading...</span><meta http-equiv=\"Refresh\" content=\"2; URL=http://www.gorillaonemedia.com/lounge/members.php\" />";

}
}
}
}



?>


members.php


<?

ob_start();

session_start();

include_once "/home/rdewebde/public_html/includes/_config.php";

if(!isset($_SESSION['username']) || !isset($_SESSION['password'])) {

header("Location: http://www.gorillaonemedia.com/lounge/");

}

else {

$username = "".$_SESSION['username']."";

$users_data = mysql_query("SELECT * FROM `members` WHERE `username`='".$username."'");

$user_info = mysql_fetch_array($users_data);

}

$user_info['username'];

$user_info['password'];

$user_info['email'];

$user_info['domain'];

$user_info['f_name'];

$user_info['l_name'];

?>



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum