Canman2005 Posted March 5, 2008 Share Posted March 5, 2008 Hi all I have a question. I am building a login form which makes the user enter an email address and password, I think the best method to sent the data would be a POST, this is because if I send the form data as GET, then it will be stored in the web history log and someone could find out what the password is. The problem is that when I send the data as a POST, if the login fails and the user clicks the back button, if they then hit the forward button, you get an alert box with The page you are trying to view contains POSTDATA that has expired from cache. Is there a way to avoid this message? It's really bugging me Thanks Dave Link to comment https://forums.phpfreaks.com/topic/94594-posting-passwords/ Share on other sites More sharing options...
roopurt18 Posted March 5, 2008 Share Posted March 5, 2008 You can prevent this by doing the following: // // process your post data first // ... // ... // Finished with post data, now immediately redirect header('Location: new/url'); exit(); (edit) What happens is the user posts the data, your script processes it but then redirects the browser to a new page that has no post data submitted to it. When the user presses the back button they are taken to the page that had the form, not the one in the middle that processed the data. If they click forward it returns them to the final page. Basically the processing page is lost to the browser and the alert goes away. (edit x2) Note that you do not need to create 3 files to handle all of this; you can do it in one by being clever. Link to comment https://forums.phpfreaks.com/topic/94594-posting-passwords/#findComment-484360 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.