Jump to content

Can't redirect users who use their back button; $_GET vars aren't handled?


guttyguppy

Recommended Posts

I have two php files. The first has a field for a secret code the user gets from a package. They submit the code, and go to a second php file. If the code they entered is valid and unused, they see can fill out their address to receive a free sample of more product. If not, they are redirected back to the first php file and given an error message. If they try to access the 2nd php file directly, they are also redirected back to the first one.

Everything is working fine, except when the user enters a valid code on the first page, enters their address on the second page, hits submit, gets a success message, and then hits the back button. If they do that, they see the address form again, and can potentially enter a different address, submit, and get the success message again.

I thought I had it covered with

if(empty($_GET['code'])||!isset($_GET['code'])){
header('Location: http://website.com/entercode.php?p=empty'); //they didn't enter a code, or they came directly to this page
}
else {
//look up the code in the database, see if it's invalid or already used 	
}

in other words, doesn't the browser check for $_GET superglobals when the user hits the back button? Since the user stays on the second page, it seems as if the browser does check. Then why aren't they being sent back to the first page in that case?

isn't that what you are doing here?

 

if(empty($_GET['code'])){
header('Location: http://website.com/entercode.php?p=empty'); //they didn't enter a code, or they came directly to this page
}
else {
//look up the code in the database, see if it's invalid or already used 	
}

 

btw, the isset() is not needed if you are checking for it being empty

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.