clearing all post data?

[shadiadiph]

mm I have a form that is four pages long then it goes to a thank you page.

 

How do I make it so that when they get to the thank you page it will clear all the $_post data that has already been sent so if they click back there is none of the previous data for the page to work from?

[shadiadiph]

sorry i thought i had it solved with session_destroy(); but it didn't work??

[omfgthezerg]

Post data is sent via the browser window.  You could create a session, database the information then check to see if the session existed in the database, If it did then simply refuse the data.

[shadiadiph]

mm i want it so after the submit page and on the thank you page the user can't click back and submit it again

 

on each page i use

 

if($username=="")

{

        header("Location: ionline.php");

        exit;

}

 

so if username has no value it goes to ionline.php is there no command to destroy the data or should i force it setting $username = ""; on the thankyou page?

[shadiadiph]

m that didn't work

[allworknoplay]

session_destroy() won't work. That's for sessions. You're using POST variables.

 

You can try running this function to loop through your POST variables and clear them out.

 

 

 

 

[shadiadiph]

this function??

[komquat]

I would try this:

 

if($username=="end")

{

        header("Location: ionline.php");

        exit;

}

 

Then on the Thank you page, put

    $username="end";

[allworknoplay]

this function??

 

Just do an unset on the POST variables.

 

So if you have one called $_POST[username];

 

You just do:

 

unset($_POST[username]);

[premiso]

Sessions have nothing to do with it. Unless you explicitly the the sessions.

 

If you do set the sessions:

foreach ($_SESSION as $key => $val) {
     unset($_SESSION[$key]);
}

 

Will remove any item from session. The header redirect to the thank you page should clear out all post data, using that function before the header call will also remove any session data.

 

EDIT:

If you use sessions for checking logged in, this will essentially log them out, so you may have the few session variables that need to stay in an "exempt" array and as long as $key is not in that array you are good.

[shadiadiph]

doesn't work and won't work because it is not being posted it is just a user clicking the back button

 

I also just tried this before the header and that didn't work

 

foreach ($_SESSION as $key => $val) {

    unset($_SESSION[$key]);

}

 

i don't understand this as the server is going from ionline3.php to isubmit.php to thankyou.php

 

from thankyou.php it goes straight to ionline3.php why doesn't doesn't it resubmit isubmit.php on the way back through?? I am confused about this issue also?

[shadiadiph]

when i think about some other sites they always force their thankyou pages to redirect after a certain amount of time but i don't think that is good

[allworknoplay]

doesn't work and won't work because it is not being posted it is just a user clicking the back button

 

I also just tried this before the header and that didn't work

 

foreach ($_SESSION as $key => $val) {

     unset($_SESSION[$key]);

}

 

i don't understand this as the server is going from ionline3.php to isubmit.php to thankyou.php

 

from thankyou.php it goes straight to ionline3.php why doesn't doesn't it resubmit isubmit.php on the way back through?? I am confused about this issue also?

 

Are you saying that the $POST data is still there when you go from thankyou.php to ionline3.php??

 

 

[shadiadiph]

yes

[allworknoplay]

yes

 

Ok then just to be save, run this to clear out your POST.

 

foreach ($_POST as $key => $val) {

    unset($_POST[$key]);

}

 

 

I think that should work.

[shadiadiph]

mm didn't work just keep reposting the same data i have added another check user loop on my submit page so if the user tries to resubmit it just says they have already registered but if anyone does come up for a solution for this please let me know

[premiso]

mm didn't work just keep reposting the same data i have added another check user loop on my submit page so if the user tries to resubmit it just says they have already registered but if anyone does come up for a solution for this please let me know

 

Ok here is the low down. Read and read carefully.

 

POST data is stored on the users browser. The only way to clear it is to redirect them from the page that uses the post data to another page.

 

So let's say I have pageSubmit.php which posts data to postProcess.php In the postProcess.php I need to use the header and redirect the user to a thankYou.php page. Doing this redirect will clear out any post data in the browser.

 

That is the straight forward logic. Now, can a user's browser have a functionality to save post data and re-fill it in? Sure can. Make sure that is not what is happening.

 

As long as you are not storing any of it in sessions, and you do the header redirect after the post data was processed this should wipe out any and all post data so if the back button is pushed it does not ask to re-submit the page.

[shadiadiph]

I am using session_start() on submit pages 1-3 on the submit page there is no session on the thank you page there is no session I have used session_destroy() on the submit page before  the page exits to the thankyou page but if you click back from the thankyou page it still holds the data I have tried everything mentioned in this post so far and more but the only way I can get it to work is to force a user check then redirect to a different message on the thankyou page I have only tried this in i.e 7 not sure it might work in other browsers