Home > Backend Development > PHP Tutorial > How to parse PHP to prevent repeated form submission_PHP tutorial

How to parse PHP to prevent repeated form submission_PHP tutorial

WBOY
Release: 2016-07-21 15:01:43
Original
824 people have browsed it

php prevent form from being submitted repeatedly Example:

Copy code The code is as follows: >
session_start();
$_SESSION['fsess']=($_SESSION['fsess'])?$_SESSION['fsess']:time();
?>




Prevent repeated form submissions



Javascript and server-side dual prevention of repeated form submission demonstration




Current time:




if(@$_POST["faction"] =="submit"||@$_GET["faction"]=="submit"){
//Submission processing

//*****Server-side anti-repeated submission*** ****************
//If the form generation time from POST is the same as the form generation time saved in SESSION
//; it is submitted normally
/ /Not the same; for repeated submission
if($_SESSION["fsess"]==$_POST["fpsess"]){
$_SESSION["fsess"]=time();
echo " Submit content:
n";
echo $_POST["fpsess"]."
n";;
echo $_POST["formtext"];
echo "";
exit;
} else {
echo "Re-submit, exit! ! ! !
n";
echo "";
exit;
}
}
//$_SESSION["fsess" ]=time();
?>

" />









**************************************************** ****************
The above is a complete sample question, and the following is an excerpt from the website for reference only
**** *************************************************** *******
When a user submits a form, the same record may be repeatedly inserted into the database due to network speed issues or the web page being maliciously refreshed. This is a difficult problem. We can start from the client and server side together to try to avoid repeated submission of the same form.

1. Using client-side scripts
Mentioning client-side scripts, JavaScript is often used for general input validation. In the following example, we use it to handle the repeated submission of the form, please see the following code:





When the user clicks the "Submit" button, the button will become gray and unavailable.
In the above example, the OnClick event is used to detect the user's submission status. If the "Submit" button is clicked, the button is immediately disabled and the user cannot click the button to submit again.
There is another method, which also uses the function of JavaScript, but uses the OnSubmit() method. If the form has been submitted once, a dialog box will pop up immediately. The code is as follows:

Copy code The code is as follows:




< input name="cont" value="Submit" type="submit">


In the above example, if the user has clicked the "Submit" button, The script will automatically record the current status and increment the submitcount variable by 1. When the user attempts to submit again, the script will determine that the submitcount variable value is non-zero and prompt the user that the form has been submitted, thereby avoiding repeated submission of the form.

2. Use Cookie Processing
Use Cookie to record the status of form submission. Based on its status, you can check whether the form has been submitted. Please see the following code:

Copy code The code is as follows:

if(isset($_POST['go'])){
setcookie("tempcookie","",time( )+30);
header("Location:".$_SERVER[PHP_SELF]);
exit();
}
if(isset($_COOKIE["tempcookie"])){
setcookie("tempcookie","",0);
echo "You have already submitted the form";
}
?>

If the client prohibits Without cookies, this method will have no effect, please note this. For a detailed introduction to Cookies, please refer to Chapter 10 "PHP Session Management".

3. Use Session Processing
Using PHP's Session function can also avoid repeated submission of forms. Session is saved on the server side. The Session variable can be changed while PHP is running. The next time you access this variable, you will get the newly assigned value. Therefore, you can use a Session variable to record the value submitted by the form. If it does not match, it is considered The user is resubmitting, please see the following code:

Copy the code The code is as follows:

session_start();
//Generate a random number based on the current SESSION
$code = mt_rand(0,1000000);
$_SESSION['code'] = $code;
?>

Pass the random number as a hidden value on the page form, the code is as follows:

The PHP code on the receiving page is as follows:
Copy the codeThe code is as follows:

session_start();
if(isset($_POST['originator'])) {
if($_POST['originator'] == $_SESSION ['code']){
                                                                              using using using             using ‐                                      using   using   using         using              through ’ ’ s ’ through ’ s through through through through through off ’       through through through through ‐ through ‐‐ ‐‐‐‐‐ and } to } else{
                                                         ';
}
}
?>


Regarding the content of Session, we will discuss it in detail in Chapter 10 "PHP Session Management". You can check this chapter directly, and then return to this section to continue reading.

4. Use the header function to redirect to
In addition to the above method, there is a simpler method, that is, when the user submits the form, the server side processes it and immediately redirects to other pages. The code is as follows.
if (isset($_POST['action']) && $_POST['action'] == 'submitted') {
//Process data, such as inserting data and immediately redirect to other pages
header('location:submits_success.php');
}
In this way, even if the user uses the refresh key, it will not cause repeated submission of the form, because it has been redirected to a new page, and this page script has ignored it Any submitted data is gone.

5.8.4 Handling of form expiration
During the development process, it often happens that a form error occurs and all the information filled in when returning to the page is lost. In order to support page bounce, you can pass The following two methods are implemented.
1. Use the header header to set the cache control header Cache-control.
header('Cache-control: private, must-revalidate'); //Support page bounce

2. Use the session_cache_limiter method.
session_cache_limiter('private, must-revalidate'); //To be written before the session_start method
The following code snippet can prevent the user from filling in the form and clicking the "Submit" button to return. The content filled in the form will not be cleared:
session_cache_limiter('nocache');
session_cache_limiter('private');
session_cache_limiter('public');
session_start();
//The following is the content of the form, so that when the user returns to the form, the filled-in content will not be cleared
Just paste this code at the top of the script to be applied.
Cache-Control message header field description
Cache-Control specifies the caching mechanism followed by requests and responses. Setting Cache-Control in a request message or response message does not modify the caching process during the processing of another message.
The caching instructions in the request include no-cache, no-store, max-age, max-stale, min-fresh and only-if-cached. The instructions in the response message include public, private, no-cache, no -store, no-transform, must-revalidate, proxy-revalidate and max-age.
cache directive
says that
public
indicates that the response can be cached by any cache
private
Indicates that all or part of the response message for a single user cannot be processed by the shared cache. This allows the server to only describe partial responses from users that are not valid for requests from other users.
no-cache
Indicates that the request or response message cannot be cached -store
is used to prevent important information from being released unintentionally. Sent in the request message will cause both the request and response messages to use caching
max-age
Indicates that the client can receive responses with a lifetime no greater than the specified time in seconds
min-fresh
Indicates that the client can receive responses with a response time less than the current time plus the specified time
max-stale
Indicates that the client can receive responses Response message after the timeout period has been exceeded. If the value of the max-stale message is specified, the client can receive response messages that exceed the specified value of the timeout period

5.8.5 Tips for judging form actions
The form can pass The same program allocates the actions that should be processed, but there are different logics in the form. How to determine the content of the button pressed by the user is just a small problem.
In fact, you only need to know the name of the submit button. When the form is submitted, only the button of the submit type that is pressed will be sent to the form array, so you can know the user by just judging the value of the button. Which button to press, take the following form as an example:





When the user presses the "a" button btn =a, press the "b" button, then btn=b.
You can also judge by the name of the submit button, please see the following code:






In this way, as long as there is a or b in the POST/GET parameter, you can know which button is pressed.
print_r($_POST);?>


www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/327981.htmlTechArticlephp Example of preventing form from being submitted repeatedly: Copy the code as follows: ?php session_start(); $_SESSION['fsess' ]=($_SESSION['fsess'])?$_SESSION['fsess']:time(); ? !DOCTYPE html PUBLIC "-/...

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template