Jump to content


Photo

Form help - stop user pressing back and changing submitted values


  • Please log in to reply
6 replies to this topic

#1 master82

master82
  • Members
  • PipPipPip
  • Advanced Member
  • 182 posts

Posted 27 July 2006 - 11:11 AM

Is there a bit of PHP code that can be used to prevent a user from pressing the back button or something of that nature.

What I have is a form with a question on, when its submitted it will place the answer onto my SQL database and go to the next question - however if the user presses back they can change what they originally put, which will update the answer in the database if submitted again - i dont want this to happen.

I have used a piece of code (top of each question page) that will redirect the user to the next unanswerd question by checking if the field in the database is blank, but this does not work if you hit the back button (It shows the form fully filled in - a few radio buttons)

Anyone help?

#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 27 July 2006 - 11:15 AM

Theres no real way of stopping the user hitting the back button, but what you'll probably want to do is check whether the user has already inserted something into the database already. You'll probably want to the log users IP address when they complete each question, however this is not a bulletproof workaround, espcially uf the user has a dynamic ip address, which could change on every page reguest/couple of minutes etc.

#3 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 27 July 2006 - 11:27 AM

another way would be to set a session up on data being inputted and then if user presses back and then submit again you check to see if variable is set and if so then put a message up saying so.. they can easily close browser and then it will work but it makes it a bit slower for them.

Could possibly seta  cookie also which in turn is searched for and sets a session also everytime they go onto the page?

Regards
Liam
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#4 jcbarr

jcbarr
  • Members
  • PipPipPip
  • Advanced Member
  • 219 posts

Posted 27 July 2006 - 11:30 AM

You can also have the window that the form is in open in a new window and turn off the toolbar so that the back button is not visible.

That is an HTML fix, but it can help. Also like he said, when they answer the question check to see if there is an entry in the database already, if there is have it output an error and forward them on to the next question.

#5 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 27 July 2006 - 11:51 AM

You can also have the window that the form is in open in a new window and turn off the toolbar so that the back button is not visible.

That is an HTML fix, but it can help. Also like he said, when they answer the question check to see if there is an entry in the database already, if there is have it output an error and forward them on to the next question.

This will not work, as the page can still go back by right clicking and selecting Back from the menu, or by simply hitting the backspace key.

#6 killerb

killerb
  • Members
  • PipPipPip
  • Advanced Member
  • 48 posts

Posted 27 July 2006 - 01:38 PM

Use sessions. I dug this out for you:

<?php


    function prevent_multi_submit($name) {
    $string = "";
    foreach ($_POST as $key => $val) {
            $string .= $val;
    };
    $i='0';// because if they submit once, then submit different values, the first submit is still retained. Clever eh!
    while(isset($_SESSION[$name.$i])){
        if ($_SESSION[$name.$i] === md5($string)) {
            return false;
        } else {
            $i++;
        };
	};//end while

        $_SESSION[$name.$i] = md5($string);
        return true;
} 

Call it like this:

<?php
  ####    MULTIPLE SUBMISSIONS   ####
  if(!prevent_multi_submit('mailForm')){ // 'mailForm' can be whatever you like
    $log.='You cannot submit the same form twice!<br />';
  }

or if you run all your queries through a class or wrapper function, you can include this sort of condition before querying the DB:
<?php

	    if(!prevent_multi_submit($_SESSION['userName'])){
	      global $keyWords;
	      require_once(lang('keyWords'));
		  add_error($keyWords['1']);
		  go_last_page();
		  exit; 
	  };

?>

After processing all your error checking, display the error message.

<?php
if($log!=''){
$content='<div class="error">'.$log.'</div>'.$content;
};
$pageBuilder->addContent($content);
echo $pageBuilder->assemble(get_error());
?>

;)
Experience is something you get just after you need it.

#7 king arthur

king arthur
  • Members
  • PipPipPip
  • Advanced Member
  • 335 posts
  • LocationUK HQ

Posted 27 July 2006 - 01:45 PM

The book 'PHP Hacks' describes a way around this kind of problem.  You insert a unique id into the page being submitted and store it with the data. If the user hits the submit button twice, either by pressing it again while the first response is being processed or by hitting the back button, the same id will be sent twice, you detect this and discard the second submission.
Sir Isaac Newton said "If I have seen farther, it is by standing on the shoulders of giants". But it is not recorded as to whether he said it before or after he was hit on the head by a falling apple.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users