Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
Thread: Clearing _GET and _POST
10-10-2012, 11:02 AM #1
- Join Date
- Sep 2012
- Thanked 0 Times in 0 Posts
Clearing _GET and _POST
Hi, I'm making a system which uses _GET and _POST a lot, but I don't want anything to mess up if I or someone else presses 'back' on their browser (or something like that).
Is there a way to 'clear' _GET and _POST only if the user got to the page in a different way?
10-10-2012, 02:49 PM #2
- Join Date
- Sep 2002
- Saskatoon, Saskatchewan
- Thanked 2,662 Times in 2,631 Posts
Nope, you can't stop a retransmit for a back button. All that really matters is likely a post though.
You can use tokens for this. Simply create a token when a form is accessed and save it in a session, it can be anything random. When they submit the form, consume the token and respond accordingly. If they hit back and explicitly retransmit the post data, then the token is no longer available to be consumed, so don't react to the input. Since they repost the same data, the token provided by the form will not match if a new token is created or if there is no token to use at all.