rv20 Posted May 31, 2009 Share Posted May 31, 2009 Page reload seems to be unique if i add an unset($_SESSION['variable']); at the top of the page then that session var are still set so i take it this can't be done? I am trying to prevent a form reload reposting variables without having a redirect somewhere in the script, so i was trying to use sessions to help out with this but i need to session to clear on the reload which it doesn't seem to do. Quote Link to comment Share on other sites More sharing options...
pneudralics Posted May 31, 2009 Share Posted May 31, 2009 Are you trying to prevent people from reloading a page after posting to keep adding data to the database? Just don't really understand you, but that's what it sounds like to me. Sorry if I'm wrong. If that's what you want I usually set a cookie with a short time limit, that way they can't f5 to reinsert to the database. I'm assuming something like the below can be done with sessions. if (!isset ($_COOKIE['contact'])) { //whatever goes here then set cookie setcookie ('post', "$ip", time()+30); } echo { echo 'You have to wait 30 seconds..'; } Quote Link to comment Share on other sites More sharing options...
laffin Posted May 31, 2009 Share Posted May 31, 2009 U have to start_session() before u can remove a session var Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 31, 2009 Share Posted May 31, 2009 ] <?php session_start(); //Must be used before accessing sessions unset($_SESSION['variable']); //remove it ?> <?php session_start(); $_SESSION = array(); if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); ?> But remember i just talk the talk. oh Hows your encryption algorithm coming alone ? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted May 31, 2009 Share Posted May 31, 2009 To stop users using a page reload, i set a session to a random code, and add that value to the form in a hidden field, once thats been processed the sessions is removed, so if the form is refreshed the session and the hidden field no longer match. I assume thats what your doing. Quote Link to comment Share on other sites More sharing options...
rv20 Posted May 31, 2009 Author Share Posted May 31, 2009 To stop users using a page reload, i set a session to a random code, and add that value to the form in a hidden field, once thats been processed the sessions is removed, so if the form is refreshed the session and the hidden field no longer match. I assume thats what your doing. Thanks for that, sounds good, about the md5 thing, i didn't even know what a hash was when i started that thread which i think i made clear so i am a novice when it comes to such things, i know a little bit more now than i did. The salt part answered my question. Quote Link to comment Share on other sites More sharing options...
rv20 Posted May 31, 2009 Author Share Posted May 31, 2009 I give up, been trying for hours but cannot get it, can someone give me an example of a login script that can return validation errors to a specific div on the login page and also prevents page refeshing reposting data? Quote Link to comment Share on other sites More sharing options...
laffin Posted June 1, 2009 Share Posted June 1, 2009 if it's specific, why not set yer errors to be specific as well. Use an array for yer errors,with the key index being the whre to place the error code and not shure why u need to redirect, I wud have the login only redirect on successful login. <?php start session(); if($_SERVER['REQUEST_METHOD']=='POST') { if(empty($_POST['username'])) { $error['username']="Required Field"; } elseif(empty($_POST['password'])) { $error['password']="Required Field"; } elseif(!preg_match('/[a-z]\w{4,}/i',$_POST['username'])) { $error['username']='Username invalid'; } if(!isset($error)) { // Code here to check user // example we use hardcoded, but normally sql connection and query goes here if(!($_POST['username']=='Laffin' && $_POST['password']=='password')) $error['general']="Invalid Login"; else { header('location: profile.php'); die(); } } } ?> <form enctype="multipart/form-data" method="post" action="login.php" name="login"> <fieldset> <?php if(isset($error['general'])) { ?> <span class="error"><b>Error: </b><?php echo $error['general']; ?></span><br /> <?php } ?> <legend>Login</legend> <label for="username">Username: </label> <input id="username" name="username" /> <?php if(isset($error['username'])) { ?> <span class="error"><b>Error: </b><?php echo $error['username']; ?></span> <?php } ?> <br /> <label for="password">Password: </label> <input id="password" name="password" type="password" /> <?php if(isset($error['password'])) { ?> <span class="error"><b>Error: </b><?php echo $error['password']; ?></span> <?php } ?> <br /> <input value="Login" type="submit" /> </fieldset> </form> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.