I am not using a session, and redirecting I think would be a bad way
of doing this because of the potential hit that the server would take
for every insert. I have done a few pages like this, and never ran
into this situation. Now I need to go back and fix this. Basically
all I have is this.
add.php
<?
<form action="insert.php" method="post" name="insertlocation">
Name: <input type="text" name="textfieldName" size="24" />
</form>
?>
Then in insert.php I have this:
if ($_POST['name'] !== "")
{
$name = $_POST['name'];
$query = "insert into Locations
(name)
values
('$name)";
mysql_query($query, $link) or die (mysql_error());
}
This is how I learned in some book somewhere. Is everyone saying that
I need to either use sessions, or redirect so that when someone
refreshes insert.php, it doesn't submit the information again? To me
it seems that there has to be a more efficient way. I don't
understand the token thing that some are suggesting.
On Feb 16, 2006, at 4:39 PM, Curt Zirzow wrote:
On Thu, Feb 16, 2006 at 01:23:23PM -0600, Richard Lynch wrote:
On Thu, February 16, 2006 9:07 am, Mike Tuller wrote:
How do I clear out the POST variables, or the variables that I have
set from the POST variables, so that when the page is refreshed it
will not resubmit. I have tried unset() and have tried to set it to
and
empty value, but it doesn't seem to work.
You can't clear out the POST variables -- they are SENT by the
browser
to you.
The simplest solution is to set up a one-time-use token and embed
that
in your FORM data:
<?php
$connection = mysql_connect('localhost', 'username', 'password') or
die(mysql_error());
if (isset($_POST['example'])){
$token = $_POST['token'];
$query = "delete from token where token = '$token'";
I usually use a session based token but i guess it the result is
the same.
Curt.
--
cat .signature: No such file or directory
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
