monkeytooth Posted March 26, 2009 Share Posted March 26, 2009 Ok I have a form I am setting up. Rather simple per say. But I want to prevent duplicate posts. I have it set up to fill out the form, then go through a confirmation process and if no errors are found in the form data people can post it. Now, one issue I am running into is if someone hits the back button and "Resends" the post data they get a duplicate entry.. or if for some reason they hit refresh on the page they get a duplicate entry. How can I go about avoiding that, I have tried to unset(); post variables one by one or globally and doesnt seem to hold any ground a dup entry is still doable. So I am open to suggestions as to how to work around it so I don't have to worry about such things. Any ideas? Link to comment https://forums.phpfreaks.com/topic/151254-post-variables-and-preventing-dup-posts/ Share on other sites More sharing options...
WolfRage Posted March 26, 2009 Share Posted March 26, 2009 Add a hidden field into the form that is randomly generated. Then check this variable against already made posts, which should also have that variable logged, and make sure it does not match any with in the last say hour. Other wise use session, when the form is presented set a variable to false, when the form is recieved set it to true, if the variable is set to true then reject any other attempts to post the form... Link to comment https://forums.phpfreaks.com/topic/151254-post-variables-and-preventing-dup-posts/#findComment-794586 Share on other sites More sharing options...
monkeytooth Posted March 26, 2009 Author Share Posted March 26, 2009 That actually doesn't sound all that bad of an idea, didnt think of session use. However do you think that would work with a refreshed/reloaded page? For examples sake, you run through the form, you confirm, all is set to go, you click ok and it posts.. Now if for some reason you hit reload or back, your browser is just going to attempt to resend the same data that was sanctioned as good to go I can see how it may work for hitting the back button but not reload/refresh. As reload/refresh is keeping everything the same and running the script as if you were just freshly going to it. I may have this concept messed up in my head though. How would you suggest handling that would I wrap the existing code in an if-else type setup? ie: if(!$_SESSION['posted']) { $_SESSION['posted'] = $randomvar; } elseif($_SESSION['posted'] == $randomvar) { echo "form already processed"; } else { run through post and store code... } or would I tempt something else? Link to comment https://forums.phpfreaks.com/topic/151254-post-variables-and-preventing-dup-posts/#findComment-794597 Share on other sites More sharing options...
WolfRage Posted March 26, 2009 Share Posted March 26, 2009 Have the script check that session value right off the bat, if it is not set to true then go ahead and process it, other wise do not. Remember session data is stored on the server, not in the users browser, so there is no way they can manipulate that data, unless you give them access to it. Link to comment https://forums.phpfreaks.com/topic/151254-post-variables-and-preventing-dup-posts/#findComment-794600 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.