Community Learn Tools Library Leisure
search
English
Home > Backend Development > PHP Tutorial > How Can I Prevent Unintended Form Resubmission in Web Applications?

How Can I Prevent Unintended Form Resubmission in Web Applications?

Susan Sarandon
Release: 2024-11-13 00:43:02
Original
553 people have browsed it

How Can I Prevent Unintended Form Resubmission in Web Applications?

Preventing Unintended Form Resubmission

Form resubmission due to page refresh is a common annoyance in web applications. To handle this issue effectively, it's crucial to employ the following strategies:

Redirect After Submission

Instead of displaying the response on the same page, redirect the user to a separate page once the form is submitted. This ensures that when the refreshed page loads, it's a new GET request and not a repeat of the POST request that has already been processed.

Example:

// submit
// set success flash message (you are using a framework, right?)
header('Location: /path/to/record');
exit;
Copy after login

Disable Browser Caching

To prevent the browser from caching your form, add the following headers to your PHP script:

header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
Copy after login

Unique Page Token

Generate a unique token on the server for each form submission. Include this token as a hidden field in the form and verify it before processing. If the token doesn't match or is missing, discard the request as a duplicate submission.

Example (with session token):

<?php
session_start();

// Generate a unique token and store it in the session
$token = md5(uniqid(mt_rand(), true));
$_SESSION['token'] = $token;

?>

<!DOCTYPE html>
<html>
<body>

<form action="submit.php" method="post">
  <input type="text" name="name">
  <input type="hidden" name="token" value="<?php echo $token; ?>">
  <input type="submit" value="Submit">
</form>

</body>
</html>
Copy after login
<?php
session_start();

// Get the submitted token
$token = $_POST['token'];

// Check if the token matches the session token
if ($token != $_SESSION['token']) {
  // Discard the request
} else {
  // Process the form data
}
Copy after login

Conclusion

By implementing these techniques, you can effectively prevent unwanted form resubmissions due to page refresh and ensure that your web application behaves as intended.

The above is the detailed content of How Can I Prevent Unintended Form Resubmission in Web Applications?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Previous article:How to Prevent Direct Access to Files Called by Ajax? Next article:Does a Recursive `array_diff()` Function Exist for Color-Coded Array Comparison?
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
3
2258
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
11
2393
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
2007
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1893
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
1959
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template