jaymc Posted October 31, 2006 Share Posted October 31, 2006 Ive made a PM system, when sending a message the info is posted to the next page and then read in and processed...However, if you simply refresh that page it obviously resends all the data (after clicking 'retry')This is an ideal way for someone to spam someones mail box very quicklyI'm just wondering how to combat the refresh action from resubmitting all the dataI dont want to start messing about with max amount of messages someone can send in a minute, I jsut want to stop it from resubmitting all the data and have it processed when they click refreshThanks Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/ Share on other sites More sharing options...
joshi_v Posted October 31, 2006 Share Posted October 31, 2006 If you just want to post the whole stuff again , i think u can use headers to redirect to the same file!If it is in JavaScript ,you can use,[code]window.location.href='filename with file path' ;[/code]Regards,Joshi. Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/#findComment-117255 Share on other sites More sharing options...
jaymc Posted October 31, 2006 Author Share Posted October 31, 2006 [quote author=joshi_v link=topic=113343.msg460496#msg460496 date=1162301016]If you just want to post the whole stuff again , i think u can use headers to redirect to the same file!If it is in JavaScript ,you can use,[code]window.location.href='filename with file path' ;[/code]Regards,Joshi.[/quote]Thats the opposite to what I want to doI just want the data posted once, as normal, but make sure that if they refresh the page all the data isnt submitted again Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/#findComment-117263 Share on other sites More sharing options...
jaymc Posted October 31, 2006 Author Share Posted October 31, 2006 Any other ideas? Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/#findComment-117565 Share on other sites More sharing options...
roopurt18 Posted October 31, 2006 Share Posted October 31, 2006 After the message is sent and everything, you can:[code]<?php// do everything that submits the message// redirect to the same pageheader("Location: " . $_SERVER['PHP_SELF']);exit();?>[/code]However, all they have to do now is hit the back button to accomplish the same thing. If you really want to stop them from spamming in this manner you really only have two choices I can think of:1) Double check that this user hasn't recently, or ever, sent a message with the same exact body.2) Limit the number of posts per segment of time.The reason every other community website uses one of those two features is they're the only real way of preventing it.A third possibility is to generate a unique token every time your page displays a form and save that token in a table with a timeout value. When processing the posted form, check if the token your user is submitting exists in this table, that it matches the user who created the token, and that it is within the timeout period. Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/#findComment-117573 Share on other sites More sharing options...
jaymc Posted October 31, 2006 Author Share Posted October 31, 2006 Ok cheers I'll look into those optionsThanks Quote Link to comment https://forums.phpfreaks.com/topic/25694-posting-data-refresh/#findComment-117583 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.