Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts

    page should be expire

    hi,
    i'm new to PHP world.
    i create online test pages.when u submit it,it work properly.
    If you click the back button of browser you can submit this
    information again to mysql.
    i think,this should not happened.
    The page must be expire when i click back button of browser.
    so,what should i do?

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Are you using the POST method on you're form?
    Sounds to me like its using the GET method on you're form, in which case you don't even need to go through the form in order to submit the data. Otherwise, it should warn about the resubmission of data. To block this from happening all together, you can header redirect to bounce off invalid access or use sessions or tokens to determine if the data was already submitted.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    sorry. i'm not getting what u say.
    i'm using "post" method.
    how can i expire the submitted page using session.

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Using a session, you set a value indicating that a particular form is going to be submitted, then when submitted you clear or remove the value.
    PHP Code:
    <?php
    session_start
    ();
    $_SESSION['frmPostReply'] = true;
    ?>
    <form method="get" action="postReply.php">
    <!-- Some fields -->
    </form>

    // postReply.php
    <?php
    session_start
    ();
    if (!isset(
    $_SESSION['frmPostReply']) || !$_SESSION['frmPostReply'])
    {
        print 
    'Please use the form.';
        
    // Or you can header('Location: http://yoursite.com/yourform.php');
        
    exit();
    }
    $_SESSION['frmPostReply'] = false;
    // Do you're stuff.
    The easier solution is to change you're get action to post action, this will prompt the user. They can still submit again, but you can still use sessions or access token techniques to handle those.
    This article has a simple access token technique: http://www.phpro.org/tutorials/Preve...e-Submits.html
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #5
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks sir,
    I have done it.
    Thank you very much.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •