Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Jun 2010
    Location
    Earth
    Posts
    305
    Thanks
    27
    Thanked 2 Times in 2 Posts

    Inserting on Submit

    I have a Submit and am wondering what do I need to do to get the Submit not to repost if the page is refreshed by the user

    This is my Insert for my Submit button

    PHP Code:
    if($_POST['addComment']) {
        
        
    $comment =$_POST['comment'];
        
    $dateOfComment date("Y-m-d H:i:s");

        
    // inserts new comment
        
    $insertComment $mysqli->prepare("INSERT INTO table VALUES(NULL,?,?,?,?)");
        
    $insertComment->bind_param('ssss',
            
    $infoID,
            
    $clientID,
            
    $comment,
            
    $dateOfComment);
        
    $insertComment->execute();
                    
    // END if($_POST['addComment']) 

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,978
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Presumably the NULL is a surrogate key correct? If there's no other key which can be defined as unique (which would then therefore toss an error instead of inserting), what you do is use sessions to generate tokens. This token is provided along with the form, and then it is consumed when the form is submitted. Simple as:
    PHP Code:
    <?php
    // this is the script creating the form
    session_start();
    $_SESSION['token'] = md5(microtime(true));
    //. . .
    ?>
    <input type="hidden" name="token" value="<?php echo $_SESSION['token'];?>"/>
    Then when you process:
    PHP Code:
    <?php
    session_start
    ();

    if (isset(
    $_SESSION['token'], $_POST['token']) && $_SESSION['token'] == $_POST['token'])
    {
        
    // yay all good.
        
    unset($_SESSION['token']);
        
    // do stuff
    }
    else
    {
        print 
    'Token has already been consumed.';
    }
    Now if they refresh and resend, the $_SESSION['token'] is no longer set and will fall to the else.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •