how to stop browser refreshing

[Goose87]

I need to stop users on my website refreshing the page.

 

I know a website that has a number in the url and calls that the refresh code, but I have tried to replicate it and have failed..  I couldn't get the same two values to go across the script.

 

Could someone please give me some sort of indication of the way to do it, as I REALLY need this feature on my website as soon as possible...

 

Thanks in advance!

 

Goose.

[.josh]

You cannot stop a user from refreshing their browser.  I can't really be all that specific in what you can do to handle them doing it, without more details about your site and why you are wanting to prevent them from doing this, but in general, you can start a session variable on initial page load, and check for its existence on the page.  If it exists, that means the user reloaded the page.  But it might not necessarily be a straight page refresh.  User could have loaded the page, gone to a different page on your site, and come back.  So you may want to consider that.  If you do not want something being counted or whatever for the user's visit no matter what, then it would be okay as is, but if you want to allow them to leave the page and come back you will have to script your other pages to remove the session variable. 

 

Also, the session variable will last until it times out (default 30m inactivity), or until the user closes the browser, whichever comes first.  So the user could go to this page, leave your site altogether and come back, and session variable will still be there if it's been less than 30m. So you'll have to consider whether you want to count that or not.  Easiest way to allow for that is to check the referring url on your page, as well.

 

Also, this is only a solution for immediate user visits or 'sessions' to your site.  If you want them to never be able to refresh the page again, you will have to store something in a database or flatfile, linked to the user.  If the user is required to be logged in to get to this page, you can store it in their row in the db or link it to their account info easy enough.  If they are not required to login to get to this page, you can do things like check the user's IP address, but it's pretty easy to get around that. 

 

As far as the actual code for implementing this; it's pretty basic.

 

<?php
  session_start();
  if ($_SESSION['someVar'])  {
    // user has already been here, do something (or don't do something)
  } else {
    $_SESSION['someVar'] = true;
    // rest of page code here
  }
?>

 

 

[Goose87]

Ah ok, I see what you mean that my statement was quite broad and too vague to give a detailed response.

 

The website I run is a game.  The users have to click a button once every 5 minutes for some activities, and I want to stop the user being able to do that.  It isn't a problem if it's more than once every 15 minutes, but it's every 5 minutes that's a problem.  It also isn't a problem if the user goes to a different page and comes back, what I am trying to stop is auto-refreshers.  If the user is there, it's fine, but I don't want the people to be able to press the submit button, then wait 5 minutes, and press f5 (or an auto-refresher doing that), I just want them to press the same button again.

 

The problem with a session in that respect is that I don't have a problem if they are on the same page and do it again, I have a problem if they submit the form again without refreshing. 

 

I think the following MIGHT work:

 

The user submits the form.  A value is stored in the database.  If they were to press f5, the form submitted would be the same value as the value stored in the form, thus causing an error.  If they were to press the button that is on the same page 5 mins later, the link would be new, thus removing all problems.  I'm really tired at the moment, so I can't think properly, but I feel that there is a loophole to that method somehow..

[nbarone]

have the page with the button store a timestamp in a hidden field. send that field the the post page and if it's more than a 30 second difference (or less/more) don't allow the "refresh"