Jump to content

Archived

This topic is now archived and is closed to further replies.

bobleny

POST data is entered on refresh - must fix

Recommended Posts

I scripted this knowing it would end up with the problem that I am having. This is what it does, You enter .05question.php and you fill out the form and click post. Then the page reloads and inserts the information into the database using .05question.php and displays the information. As you might of guessed by now, the problem is that when you refresh the page, the information that was gathered is reentered. [a href=\"http://www.firemelt.net/.05question.php\" target=\"_blank\"]http://www.firemelt.net/.05question.php[/a] That is a working example. Also, due to this problem when you go there a blank post will be entered.

I believe it does this because the POST data is entered every time the page loads by default of the way its coded.

[code]
<?php
session_start();
header("Cache-control: private");

include("top.php");
$text="Database Test";

$username="********";
$password="********";
$database="********";

$name = str_replace('<','<',$_POST['name']); $name = str_replace('>','>',$name);
$subject = str_replace('<','<',$_POST['subject']); $subject = str_replace('>','>',$subject);
$message = str_replace('<','<',$_POST['message']); $message = str_replace('>','>',$message);
$postedtime = date("n-j-y g:i A",time()+21600);


mysql_connect('db4.awardspace.com:3306',$username,$password);
mysql_select_db($database) or die( "Unable to select database");
mysql_query("INSERT INTO forum (`name`,`subject`,`message`,`postedtime`) VALUES ('$name','$subject','$message','$postedtime')");
mysql_close();

?>

<span class="pleft">To post a message, fill in the boxes below.</span>

<form action=".05question.php" method="post">
Name: <input type="text" name="name" size="11" maxlength="10"><br />
Subject: <input type="text" name="subject" size="21" maxlength="20"><br />
Message: <br /><textarea name="message" cols="45" rows="3" wrap="soft" maxlength="500"></textarea><br />
<input type="Submit" value="Post">
</form>

<br />

<?php

mysql_connect('db4.awardspace.com:3306',$username,$password);
mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM forum ORDER BY id DESC";
$result=mysql_query($query);

$num=mysql_numrows($result);

mysql_close();

$i=0;
while ($i < $num) {

$name = mysql_result($result,$i,"name");
$subject = mysql_result($result,$i,"subject");
$message = nl2br(mysql_result($result,$i,"message"));
$postedtime = mysql_result($result,$i,"postedtime");
$id = mysql_result($result,$i,"id");
?>

<table border=0 background=table_declare.png cellpadding=0 cellspacing=0 align=center width=353 height=27>
<tr><td width=353>
<center>Posted by: <?php echo $name ?></center>
</td></tr>
</table>

<table border=0 background=table_top4.png cellpadding=0 cellspacing=0 align=center width=703 height=27>
<tr>
<td> <span class="pleft">Subject: <?php echo $subject ?></span></td>
<td align=right><span class="pleft">Posted on: <?php echo $postedtime ?> </span></td>
</tr>
</table>

<table border=0 background=table_back.png cellpadding=0 cellspacing=0 align=center width=703>
<tr><td align=center>

<table border=0 cellpadding=0 cellspacing=0 align=center width=691>
<tr><td width=691>

<?php echo $message ?>

</td></tr>
</table>

</td></tr>
<tr><td><img src=table_bottom.png width=703 height=5></td></tr>
</table>

<!----------------------------------------------------------------------->
<br /><br />
<!----------------------------------------------------------------------->

<?php

$i++;
}

include("bot.php");
?>
[/code]

Share this post


Link to post
Share on other sites
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]I believe it does this because the POST data is entered every time the page loads by default of the way its coded.[/quote]
Yes, you're absolutely right. And Fenway has already explained why in the MySQL thread you had about the same problem.
[code]<input type="Submit" value="Post">[/code]
Change that to:
[code]<input type="submit" name="submit" value="Post">[/code]

And then .... check if $submit is set BEFORE you write anything to the database.

Share this post


Link to post
Share on other sites
Yes, fenway did speak of this. He said
“Yeah, that could work too -- but there's no need to go via an intermediate page when printing out a proper location header will suffice.” and

“I don't know how to do this in PHP specifically, since I do everything in Perl. However, the basic idea is that you process all of the posted information, redirect to a new page (without re-posting info), then generate your e-mail in the background. I'm sure there are others around here who know exactly how PHP handles Location headers; if not, I'm sure there are tutorials aplenty.”

Maybe I’ve read that wrong but it sounds to me as though he is saying to redirect to a new page, then generate your e-mail in the background. Which is what I originally had. And besides, that topic wasn’t posted by me.

Anyways, I don’t quite understand what you mean by check if its been set? It sounds to me like you mean to check and make sure the post button has been clicked, in which case I would not know how to do that. I’m thinking...

[code]
If ($_POST[‘submit’] something another)
{

}
[/code]

Share this post


Link to post
Share on other sites
[code]$username="********";
$password="********";
$database="********";

if (isset($_POST['submit'])) {
// skip this unless the form has been submitted
    $name = str_replace('<','<',$_POST['name']); $name = str_replace('>','>',$name);
    $subject = str_replace('<','<',$_POST['subject']); $subject = str_replace('>','>',$subject);
    $message = str_replace('<','<',$_POST['message']); $message = str_replace('>','>',$message);
    $postedtime = date("n-j-y g:i A",time()+21600);

    mysql_connect('db4.awardspace.com:3306',$username,$password);
    mysql_select_db($database) or die( "Unable to select database");
    mysql_query("INSERT INTO forum (`name`,`subject`,`message`,`postedtime`) VALUES ('$name','$subject','$message','$postedtime')");
    mysql_close();
}

?>

<span class="pleft">To post a message, fill in the boxes below.</span>[/code]

Share this post


Link to post
Share on other sites
Oh Ok! Thanks! I have never seen this isset() before! But I look it up online. Seems useful for sessions...

Thanks again

Share this post


Link to post
Share on other sites
Oh! :( It didn’t work. When you refresh the page a pop up appears that asks if you want to resubmit the POST data if you hit cancel it wont refresh the page and if you click yes it will resubmit the previous post data including the submit data. What else can I do to make it work?

IDK maybe its impossible? I know every forum I’ve ever been on doesn’t do it like that. All forums I’ve seen have an add reply button or something...

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.