After Refresh the Input Gets Inserted AGAIN in the Database!

[chaseman]

After I've successfully inputted something in my script and then click refresh in Chrome with "Right Click -> Reload", the same thing that I've inputted before gets re-inserted AGAIN into the database, thus resulting in multiple versions of the same thing in the MySQL database.

 

 

How can I prevent that?

 

p.s. Chrome is warning with a pop up of repeated action, and when I then click continue the repeated insertion of the data occurs, and I'd like to prevent the repeated insertion.

[ignace]

Post/Redirect/Get

[chaseman]

Right now an echo is being outputted right under the input box saying that it has been successfully submitted, I would like to keep it that way, because I find a redirect to a new site user-unfriendly.

 

Is there a way I can accomplish this? Perhaps redirect to the same page again?

[ManiacDan]

Redirect back to the same page with a $_GET variable that instructs the page to print the success message.  If you don't destroy $_POST, refresh will re-submit.

 

-Dan

[litebearer]

Might look into INSERT IGNORE

[ignace]

...because I find a redirect to a new site user-unfriendly... Perhaps redirect to the same page again?

 

What do you think Post/Redirect/Get implies?

[chaseman]

Ok after a bit of fiddling around I solved the problem by adding:

<?php
if (isset($_POST['submit'])) {
header ('Location: 01.php');
}
?>

 

to the very top (before the <html> tags) of my index php file, the repeated insertion is now avoided, I also don't get the error message of Chrome, but I have a new problem, the echo messages of my script don't work anymore.

 

I don't get the error message "Please fill out all fields" when leaving fields empty, and I also don't get the "successfully submitted" echo message.  But the script itself still works as before.

 

I must have broken apart the processing of the code. If anyone knows how to fix it, I'd appreciate a tip. I'll keep fiddling around.

 

I think I haven't quite understood the $_GET part of the solution, I tried googling it, but couldn't find really much.

[chaseman]

Ok, I'm slowly understanding the LOGIC... when I press SUBMIT, the header function gets activated and the page gets refreshed thus RESULTING in the echo messages to be SWALLOWED down, that's why I'm not seeing the echo messages, but theoretically they're there just not on the new redirected page, but on the older one.

 

So the question comes up, how can I catch those error messages and echo them out on the new redirected page?

 

EDIT: What I'm basically asking is, is there a way to tell the header after SUCCESSFUL SUBMIT refresh the page?, because as it is now it's refreshing it every time SUBMIT is being clicked.

[Pikachu2000]

You don't need to. If there are validation errors, the database insert shouldn't run anyhow, thus there is no need to redirect until after the insert runs successfully.

[litebearer]

logic (note: did_i_store is a session variable)

 

if not submitted  display normal form

 

if submitted with errors display form with error messages

 

if submitted with NO errors and did_i_store = no -- validate data, if not good set error messages, redirect back to top, if good  store the data, set did_i_store to 1, direct back

 

if submitted with NO errors and did_i_store = yes display success

 

 

[chaseman]

logic (note: did_i_store is a session variable)

 

if not submitted  display normal form

 

if submitted with errors display form with error messages

 

if submitted with NO errors and did_i_store = no -- validate data, if not good set error messages, redirect back to top, if good  store the data, set did_i_store to 1, direct back

 

if submitted with NO errors and did_i_store = yes display success

And WHY exactly does the bold marked one not happen, if I purposely submit with errors?

 

Sorry for all these noob question, I think I just need to fiddle around more.

[Pikachu2000]

That's really hard to answer, since you haven't posted the form or the code that processes it . . 

[chaseman]

Ok this is the form for the submission:

 

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

<label for="asciiart_name">Name of ASCii Art:</label><br />
<input type="text" id="asciiart_nameCategory" name="asciiart_name" value="<?php if (!empty($asciiart_name)) echo $asciiart_name; ?>" /><br />
<br />
<label for="asciiart_category">Category:</label><br />
<select name="asciiart_category" id="chooseCategory">
    <option disabled>Choose Category...</option>
	<option>Category1</option>
	<option>Category2</option>
	<option>Category3</option>
</select>
<br /><br />

<label for="asciiart_contribution">Post here:</label><br />
<textarea type="text" id="asciiart_contribution" name="asciiart_contribution" value="<?php if (!empty($asciiart_contribution)) echo $asciiart_contribution; ?>"></textarea><br />

<input type="submit" name="submit" value="Post It!" />
</form>

 

 

 

 

and this is the script that processes the submission:

 

<?php

require_once ('connectvars.php');

if (isset($_POST['submit'])) {
// Connect to the database 
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
  
  
// Grab the score data from the POST
$asciiart_name = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_name'])));
$asciiart_category = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_category'])));
$asciiart_contribution = htmlspecialchars($_POST['asciiart_contribution']);
$asciiart_contribution = str_replace("'","''", $asciiart_contribution);

  if (!empty($asciiart_name) && !empty($asciiart_category) && !empty($asciiart_contribution)) {
      // Write the data to the database
      $query = "INSERT INTO asciiart (asciiart_name, asciiart_contribution, asciiart_category, created_date) VALUES ('$asciiart_name', '$asciiart_contribution', '$asciiart_category', now())";
      mysqli_query($dbc, $query);
  
  
			// Confirm success with the user
		  echo '<p>Thanks for adding your new ASCii Art!</p>';
		  
				   // Clear the score data to clear the form
				  $asciiart_name = "";
				  $asciiart_category = "";
				  $asciiart_contribution = "";
		  
  
  mysqli_close($dbc);
  }  
		else {
			echo '<p class="error">Please enter all of the information to add your ASCii Art.</p>';
    }
  }
  
  //The ASCii Arts get listed
include_once ('asciiart_list.php');
?>

 

 

In the 01.php (the index php file) the submit from comes in with include_once() and the script for processing comes without include_once(), because if I do the script for processing with include as well I get weird symbols on the page.

 

Hope you can help, thx.

[chaseman]

Could it be that the two

 

if (isset($_POST['submit']))

 

statements (one in the header and one in the script) are clashing?

 

When SUBMIT is being clicked, both are being activated, the header AND the script? And before the error messages can be displayed the script immediately gets refreshed with the header?

[litebearer]

Here is a psuedo code example of the logic in action. Note that more error checking should and could be utilized.

 

It is NOT your coding, rather an example of how one might implement to achieve your goals.

 

(untested and un-proof-read === I trust Pika to catch my errors   )

form.php

<?PHP
session_start();

/* we are going to presume that a logged in valid user is answering a question */
/* and that we stored the user id in a session variable */

$id = $_SESSION['user_id']

/* check to see if form has been submitted */
if(not submitted OR error messages are set) [
 /* display the form */
?>
<form action="" method="post">
	Your dog's name?: <input type="text" name="dogname" size="10" maxlength="10" value=""><br>
	<?PHP 
	$_SESSION['did_i_store'] = "no";
	if(isset($_SESSION['error_message_1'])) { 
		echo $_SESSION['error_message_1'] . "<br>";
		unset($_SESSION['error_message_1']);
	}
	<input type="submit" value="Submit">
</form>
}

if(submitted AND error messages NOT set) {
/* validate the data */
if(trim($_POST['dogname']=="") {
	/* set error message */
	$_SESSION['error_message_1'] = "Please enter valid name";
	header ("Location: form.php");
	exit();
}
if($_SESSION['did_i_store']=="no")) {
	$dogname = $_POST['dogname'];
	/* connect to db */
	include('db.php'];
	/* create the query */
	$query = "INSERT INTO tablename (userid, dogname) VALUES ('$id', '$dogname)";
	/* execute the query */
	$result = mysql_query($query);
	$_SESSION['did_i_store'] = "yes";
}
?>
	Congratulations! Your dog <?PHP echo $dogname. ?> has been entered.<br>
<?PHP
}
?>

[chaseman]

litebearer,

 

thanks for the explanation, I understand it a little bit better now, the problem is, when I try doing exactly what you did, that is implementing the header within the script I get the error message "can't modify header", when I try remove everything above it until I'm only left with:

 
<body>
<?php
and then the whole script including the header

 

Then I get the error message that there's an output being made on line 8, which is the line with the <?php starting tag.

 

So I'm lost here. Other than that it makes sense what you're saying

 

1. When script run successfully -> Header()

OR

2. When script run unsuccessfully -> ERROR

 

Simple as that, if I now would manage to implement the header right in the script without the error messages it may work.

 

In the beginning I got it to work (without the error messages working) because I put the header at the very top of the page, I didn't know it was possible to implement the header right in the script as well.

 

 

This is how it should look like:

 

if (isset($_POST['submit'])) {
// Connect to the database 
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
  
  
// Grab the score data from the POST
$asciiart_name = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_name'])));
$asciiart_category = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_category'])));
$asciiart_contribution = htmlspecialchars($_POST['asciiart_contribution']);
$asciiart_contribution = str_replace("'","''", $asciiart_contribution);

  if (!empty($asciiart_name) && !empty($asciiart_category) && !empty($asciiart_contribution)) {
      // Write the data to the database
      $query = "INSERT INTO asciiart (asciiart_name, asciiart_contribution, asciiart_category, created_date) VALUES ('$asciiart_name', '$asciiart_contribution', '$asciiart_category', now())";
      mysqli_query($dbc, $query);
  header ('Location: 01.php');
	exit;

    // Confirm success with the user
		  echo '<p>Thanks for adding your new ASCii Art!</p>';
		  
				   // Clear the score data to clear the form
				  $asciiart_name = "";
				  $asciiart_category = "";
				  $asciiart_contribution = "";
		  
  
  mysqli_close($dbc);
  }  
		else {
			echo '<p class="error">Please enter all of the information to add your ASCii Art.</p>';
    }
  }

 

Notice how the confirmation comes AFTER the REDIRECT.

 

What can I do about the can't modify header error message, how can I implement the header successfully in the script?

[litebearer]

You CANNOT output ANYTHING (that means spaces etc) before using header; so let's see your entire code for that page/script

[chaseman]

UPDATE:

 

I got it to work by putting the whole script at the very top of the page, and then taking the submit form and putting it BELOW the script, because the submit form has an action="<?php echo $_SERVER['PHP_SELF']; ?>"

And that echo in the action can cause the header not to work as well. So now the redirect works and i'm also getting the error messages, only thing I'm not getting is the success message.

 

I'll see if I can get that to work as well.

 

litebearer, since you asked, this is the entire code for the 01.php (index php page)

 

<?php
require_once ('connectvars.php');
if (isset($_POST['submit'])) {
// Connect to the database 
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
  
  
// Grab the score data from the POST
$asciiart_name = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_name'])));
$asciiart_category = strip_tags(mysqli_real_escape_string($dbc, trim($_POST['asciiart_category'])));
$asciiart_contribution = htmlspecialchars($_POST['asciiart_contribution']);
$asciiart_contribution = str_replace("'","''", $asciiart_contribution);

  if (!empty($asciiart_name) && !empty($asciiart_category) && !empty($asciiart_contribution)) {
      // Write the data to the database
      $query = "INSERT INTO asciiart (asciiart_name, asciiart_contribution, asciiart_category, created_date) VALUES ('$asciiart_name', '$asciiart_contribution', '$asciiart_category', now())";
      mysqli_query($dbc, $query);
  header ('Location: 01.php');
	exit;

    // Confirm success with the user
		  echo '<p>Thanks for adding your new ASCii Art!</p>';
		  
				   // Clear the score data to clear the form
				  $asciiart_name = "";
				  $asciiart_category = "";
				  $asciiart_contribution = "";
		  
  
  mysqli_close($dbc);
  }  
		else {
			echo '<p class="error">Please enter all of the information to add your ASCii Art.</p>';
    }
  }
  
  //The ASCii Arts get listed
include_once ('asciiart_submit.php');
include_once ('asciiart_list.php');
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> 
<input type='submit' name='All' value='All' />
<input type='submit' name='Smileys' value='Smileys' />
</form>
</center>
</body>
</html>

 

Again it is working now, the only thing that doesn't work is the success message. I'll try to solve that.

[litebearer]

Glad it is working.

 

The not displaying success is due to you doing the header AND exit just before the success message. Those two being where they are will NEVER allow the script to get to the success. I suggest removing those two and simply putting a 'Continue here' link at the end of the success.

[tobimichigan]

this problem could have been solved with a session...

[chaseman]

litebearer, thanks for letting me know, makes sense that the script is being exited before it even reaches the success.

 

tobimichigan, thanks for the tip, I'm new to programming, I program PHP only since a month now, I will get it into sessions now and see if I can solve this problem more efficiently.