Jump to content

redirect brings up page with outdated information


pintee

Recommended Posts

I have a character creation form where you enter the name of your character then press submit. It then brings up a success page. However, I don't want the user to be able to use their back button to return to the character creation page, so on the character creation page I redirect to the main menu page if it is detected that the referring page was the success page. However when it brings up the main menu page, the information it shows is out of date. You have to refresh the page for it to reflect the latest changes. It's almost as if the redirect is bringing up a cached version of the page....

Any ideas why the latest changes aren't being shown on redirect?

 

 

createcharacter.php

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');
include('character.class.php');
include('playercharacter.class.php');

$dbo = database::getInstance();
$dbo -> connect("***********", "********", "*********", "********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 
if($_SERVER['HTTP_REFERER'] == "success.php") {
    // If they are not, we redirect them to the login page. 
    header("Location: mainmenu.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to mainmenu.php");
} 
if(!empty($_POST)) {

    $character = new character();
    $data = array("character_name" => $_POST['charactername'], "health" => 0, "money" => 1500, "exp" => 0, "rank" => 0, "points" => 0); 
    $character -> bind($data);
    $character -> store();
    $character_id = $dbo -> getConnection() -> lastInsertId();

    $playercharacter = new playercharacter();
    $data = array("character_id" => $character_id, "user_id" => $_SESSION['user']['user_id']);
    $playercharacter -> bind($data);
    $playercharacter -> store();

    $query = "SELECT * FROM playercharacter WHERE character_id = :character_id"; 

    try { 
        $stmt = $dbo->getConnection()->prepare($query); 
        $result = $stmt->execute(array(':character_id'=>$row['character_id'])); 
    } 
    catch(PDOException $ex) { 
        die("Failed to run query4: " . $ex->getMessage()); 
    }

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $_SESSION['playercharacter'] = $row;

    // If they are not, we redirect them to the login page. 
    header("Location: success.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to success.php");    
 }         
?>

<!DOCTYPE HTML>
<head>
<meta http-equiv="content-type" content="text/html" />
<meta name="author" content="lolkittens" />

<title>Untitled 5</title>
</head>

 <body> 
<h1>Create Character</h1> 
<form action="createcharacter.php" method="post"> 
    Enter name:<br /> 
    <input type="text" name="charactername" value="" /> 
    <br /><br /> 
    <input type="submit" value="Create" /> 
</form> 
</body>

success.php

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');

$dbo = database::getInstance();
$dbo -> connect("*************", "*********", "**********", "***********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

// At the top of the page we check to see whether the user is logged in or not 
if(empty($_SESSION['user'])) 
{ 
    // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 

// We can display the user's username to them by reading it from the session array.  Remember that because 
// a username is user submitted content we must use htmlentities on it before displaying it to the user. 

 ?>
 <!DOCTYPE html>
 <html>
 <head>
  <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js">
  </script>  
 </head>
 <body>
 <a href="mainmenu.php">Success!</a></a>

  </body>
  </html>

mainmenu.php

<?php 

// First we execute our common code to connection to the database and start the session 
define('MyConst', TRUE);

include('database.class.php');
include('table.class.php'); 
include('user.class.php');
include('loginattempts.class.php');
include('timer.class.php'); 
include('functions.php'); 
include('loginf.php');

$dbo = database::getInstance();
$dbo -> connect("*********************", "******************",     
    "***************", "*****************", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); 

secSessionStart();

    // At the top of the page we check to see whether the user is logged in or not 
    if(empty($_SESSION['user'])) 
    { 
      // If they are not, we redirect them to the login page. 
    header("Location: login.php"); 

    // Remember that this die statement is absolutely critical.  Without it, 
    // people can view your members-only content without logging in. 
    die("Redirecting to login.php"); 
} 

// Everything below this point in the file is secured by the login system 

// We can display the user's username to them by reading it from the session array.  Remember that because 
// a username is user submitted content we must use htmlentities on it before displaying it to the user. 
 ?>

<?php 
$stmt = $dbo->getConnection()->prepare("SELECT count(character_name) FROM      
playercharacter JOIN `character` ON (playercharacter.character_id =    
`character`.character_id) WHERE user_id = :user_id");
$query_params = array(':user_id'=>$_SESSION['user'][user_id]);       
// Execute the prepared query.
$result = $stmt->execute($query_params);
$rows = $stmt->fetch(PDO::FETCH_NUM);
echo $rows[0];
$createCharacters = 4 - $rows[0];

for($i = 0; $i < $createCharacters; $i++) {
    echo '<a href="createcharacter.php">Create Character</a><br />';
}
for($i = 0; $i < $rows[0]; $i++) {
    echo '<a href="loadplayer.php?id='.$rows[0].'">Play</a> <br />';
// echo '<a href="loadplayer.php">Create Character</a><br />`;
}            
?>

<!DOCTYPE html>
<html>
<head>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script src="functions.js"></script>  
</head>
<body>

</body>
</html>

Any help would be greatly appreciated!!

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.