Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    Regular Coder
    Join Date
    Dec 2006
    Posts
    417
    Thanks
    168
    Thanked 1 Time in 1 Post

    how to prevent page refreshes using PHP?

    I am trying to come up with a method to prevent users from refreshing/reloading a page using PHP

    I am making a PHP web based game. I don't want players to reload the page because it will reset the game -- this will be a way for them to cheat. It isn't a Flash game -- it's a pure PHP based combat system.

    The best way I can think of this is to generate a random number and use that number for the combat instance. Store that number in a mySQL table and do a check to see if the number is the correct random number for the combat instance.

    If the page reloads then a new random number is generated and the check fails, which doesn't allow the combat instance to display thereby preventing the player from cheating.

    Is there a better way to do this than the idea I came up with?

  • #2
    Regular Coder Jutlander's Avatar
    Join Date
    Jun 2007
    Location
    In my own sick little world :P
    Posts
    425
    Thanks
    1
    Thanked 12 Times in 12 Posts
    Yeah, I think you should write the PHP code so the game won't reset. I have no idea how, but messing with the functions in the user's browser is not the optimal thing to do.
    .
    .

  • #3
    Regular Coder
    Join Date
    Dec 2006
    Posts
    417
    Thanks
    168
    Thanked 1 Time in 1 Post
    I wouldn't mess with the browser code at all. I aim to do this purely in PHP.

    not sure how to do it though.. any takers?

  • #4
    Regular Coder Jutlander's Avatar
    Join Date
    Jun 2007
    Location
    In my own sick little world :P
    Posts
    425
    Thanks
    1
    Thanked 12 Times in 12 Posts
    I didn't mean mess with the browser code. That is a programming language and has nothing to do with the web. I meant you shouldn't use PHP or Javascript or similar to prevent the user from using the built in functions in the browser.
    .
    .

  • #5
    New Coder
    Join Date
    Jul 2007
    Posts
    14
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I dont think you can prevent a person from refreshing using php server side. Maybe you can with javascript since that is clinet side. But it sounds like you just want to determine if a person reloading te page is new or not. You solutions sounds good. You could store the random number in a session:

    http://www.tizag.com/phpT/phpsessions.php

  • #6
    Regular Coder
    Join Date
    Jul 2007
    Location
    United Kingdom
    Posts
    159
    Thanks
    2
    Thanked 15 Times in 15 Posts
    Hey!

    This code will, hopefully, get you where you want. It works using the database and a session variable which is changed every time the user refreshes. Note: the database has the FIRST set session code so as soon as the user refreshes the two will be different. This means the code knows the page must have been refreshed!

    Once the user has refreshed the page, the error message will continue to come up until the databases version of the session is erased. I would suggest that you put a submit button with the error message which triggers the code:

    PHP Code:
    //NOTE: All CAPITALISED words should be changed to match your database.
    mysql_query("UPDATE TABLE SET sessionvar = '' WHERE USERNAME = '$USERNAMEOFLOGGEDINUSER'"); 
    Then you should take the user back to the first page to start again =]

    Hopefully this is what you are looking for.


    PHP Code:
    <?PHP

    //connect to the database.
    mysql_connect("localhost""USERNAME""PASSWORD") or die(mysql_error());
    mysql_select_db("DATABASE") or die(mysql_error());



    //if you press the "Start Game Again" button. This code will be the code you use when you want to let the user access the game page again.
    if (isset($_POST['startagain'])){
            
    //change the databases version of the session to blank
        
    mysql_query("UPDATE [TABLE] SET sessionvar = '' WHERE [USERNAME COLUMN] = '$[USERNAME OF LOGGED-IN USER]'");
            
    //go back to the index/start page
        
    echo "<script>window.location = 'index.php';</script>";
            
    //stop running any more code.
        
    exit();
    }






    //get the session randomised number from the database for that specific user.
    $result mysql_query("SELECT sessionvar FROM [TABLE] WHERE [USERNAME COLUMN] = '$usernamevar'");
    $row mysql_fetch_array$result );
    //assign the random number from the database to a variable.
    $databasesession $row['sessionvar'];


    //the random number will be made up of a certain number of these characters (you can add symbols).
    $alphanum "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz123456789";
    //create a random string of 20 characters, using the characters above.
    $rand substr(str_shuffle($alphanum), 020);

    //set the random string as a SESSION variable. (We'll use this to check whether the page has been refreshed or not, later).
    $_SESSION['sessionvar'] = $rand;


    //if there is no random number (session) already in the database, then the user has never visted the page. So lets give the user a session variable... and add it to the database.
    if ($databasesession == ""){
        
    mysql_query("UPDATE [TABLE] SET sessionvar = '$rand' WHERE [USERNAME COLUMN] = '$usernamevar'");
    }

    //now the user should have a random session variable in the database. All we have to do now is check to see whether it is the same as the one we assigned to his/her SESSION on the server.


    //if the databases session matches the current session on the server for this user OR the databases session is blank (which means the user has never visited before), then show the page.
    if ($databasesession == $_SESSION['sessionvar'] || $databasesession == ""){
        echo 
    "YOU ARE ALLOWED TO VIEW THIS PAGE!<br><br>";
        echo 
    "<a href='javascript:void(0)' onClick='window.location.reload( true );'>Refresh</a>";
        
    //if the databases random number isn't the same as the one which the user has in the session then show an error and stop executing the rest of the code ("exit();").
    } else {
        echo 
    "ERROR: You must NOT refresh this page!";
        echo 
    "<form method='post' action''><input type='submit' name='startagain' value='Start Game Again!'></form>";
        echo 
    "<a href='javascript:void(0)' onClick='window.location.reload( true );'>Refresh</a>";
        exit();
    }


    ?>


    If you need to know anything else about this code then please let me know, and I'll help... the commenting may or may not help at all :P


    ~Jordan


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •