Jump to content

Recommended Posts

Page reload seems to be unique if i add an

 

unset($_SESSION['variable']);

 

at the top of the page then that session var are still set so i take it this can't be done?

 

I am trying to prevent a form reload reposting variables without having a redirect somewhere in the script, so i was trying to use sessions to help out with this but i need to session to clear on the reload which it doesn't seem to do.

Are you trying to prevent people from reloading a page after posting to keep adding data to the database? Just don't really understand you, but that's what it sounds like to me. Sorry if I'm wrong.

 

If that's what you want I usually set a cookie with a short time limit, that way they can't f5 to reinsert to the database. I'm assuming something like the below can be done with sessions.

if (!isset ($_COOKIE['contact'])) {
//whatever goes here then set cookie
setcookie ('post', "$ip", time()+30);
}
echo {
echo 'You have to wait 30 seconds..';
}

]
<?php
session_start(); //Must be used before accessing sessions
unset($_SESSION['variable']); //remove it
?>

 

<?php
session_start();
$_SESSION = array();
if (isset($_COOKIE[session_name()]))
{
    setcookie(session_name(), '', time()-42000, '/');
}
session_destroy();
?>

 

But remember i just

talk the talk.

 

oh Hows your encryption algorithm coming alone ?

To stop users using a page reload, i set a session to a random code, and add that value to the form in a hidden field, once thats been processed the sessions is removed, so if the form is refreshed the session and the hidden field no longer match. I assume thats what your doing.

To stop users using a page reload, i set a session to a random code, and add that value to the form in a hidden field, once thats been processed the sessions is removed, so if the form is refreshed the session and the hidden field no longer match. I assume thats what your doing.

 

Thanks for that, sounds good, about the md5 thing, i didn't even know what a hash was when i started that thread which i think i made clear so i am a novice when it comes to such things, i know a little bit more now than i did.

 

The salt part answered my question.

if it's specific, why not set yer errors to be specific as well. Use an array for yer errors,with the key index being the whre to place the error code

 

and not shure why u need to redirect, I wud have the login only redirect on successful login.

 

 

<?php
start session();
if($_SERVER['REQUEST_METHOD']=='POST')
{
    if(empty($_POST['username']))
    {
        $error['username']="Required Field";
    } elseif(empty($_POST['password']))
    {
        $error['password']="Required Field";
    } elseif(!preg_match('/[a-z]\w{4,}/i',$_POST['username']))
    {
        $error['username']='Username invalid';
    }
    
    if(!isset($error)) {
    // Code here to check user
    // example we use hardcoded, but normally sql connection and query goes here
        if(!($_POST['username']=='Laffin' && $_POST['password']=='password'))
            $error['general']="Invalid Login";
        else {
            header('location: profile.php');
            die();
        }
    }
    
}
?>
<form enctype="multipart/form-data" method="post" action="login.php" name="login">
  <fieldset>
    <?php if(isset($error['general'])) { ?>
        <span class="error"><b>Error: </b><?php echo $error['general']; ?></span><br />
    <?php } ?>
    <legend>Login</legend>
    <label for="username">Username: </label>
    <input id="username" name="username" />
    <?php if(isset($error['username'])) { ?>
        <span class="error"><b>Error: </b><?php echo $error['username']; ?></span>
    <?php } ?>
    <br />
    <label for="password">Password: </label>
    <input id="password" name="password" type="password" />
    <?php if(isset($error['password'])) { ?>
        <span class="error"><b>Error: </b><?php echo $error['password']; ?></span>
    <?php } ?>
    <br />
    <input value="Login" type="submit" />
  </fieldset>
</form>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.