Jump to content

POSTING DATA & REFRESH

jaymc

By jaymc
in PHP Coding Help

 Share

Recommended Posts

jaymc Advanced Member

jaymc

Posted
Posted
Ive made a PM system, when sending a message the info is posted to the next page and then read in and processed...

However, if you simply refresh that page it obviously resends all the data (after clicking 'retry')

This is an ideal way for someone to spam someones mail box very quickly

I'm just wondering how to combat the refresh action from resubmitting all the data

I dont want to start messing about with max amount of messages someone can send in a minute, I jsut want to stop it from resubmitting all the data and have it processed when they click refresh

Thanks
Link to comment
Share on other sites
jaymc Advanced Member

jaymc

Posted
  • Author
Posted
[quote author=joshi_v link=topic=113343.msg460496#msg460496 date=1162301016]
If you just want to post the whole stuff again , i think u can use headers to redirect to the same file!

If it is in JavaScript ,you can use,

[code]window.location.href='filename with file path' ;[/code]

Regards,
Joshi.
[/quote]
Thats the opposite to what I want to do

I just want the data posted once, as normal, but make sure that if they refresh the page all the data isnt submitted again
Link to comment
Share on other sites
roopurt18 Advanced Member

roopurt18

Posted
Posted
After the message is sent and everything, you can:

[code]<?php
// do everything that submits the message

// redirect to the same page
header("Location: " . $_SERVER['PHP_SELF']);
exit();
?>[/code]

However, all they have to do now is hit the back button to accomplish the same thing.  If you really want to stop them from spamming in this manner you really only have two choices I can think of:

1) Double check that this user hasn't recently, or ever, sent a message with the same exact body.

2) Limit the number of posts per segment of time.

The reason every other community website uses one of those two features is they're the only real way of preventing it.

A third possibility is to generate a unique token every time your page displays a form and save that token in a table with a timeout value.  When processing the posted form, check if the token your user is submitting exists in this table, that it matches the user who created the token, and that it is within the timeout period.
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.