Robert Samuel White wrote:
> You might want to modify your coding. The way I prevent this problem
> from ever happening is this:
>
>
>
> 1. The user completes information on the form.
>
> 2. The form is validated by PHP.
>
> 3. If there are errors, then the form is reshown with their values
> populated.
>
> 4. Once all errors are corrected, I process the form and then use a
> Header("Location: ") to redirect the user to the same page (or
> another page).
>
>
>
> This has the advantage of allowing a user to click the back button
> and seeing their form with their values still intact.
>
>
>
> This prevents a method post page from being in the user's browser
> history.
Robert,
I do the three first items but not the last one (#3 is done both client-side
and server-side by the way). I can add a hard redirect but I am a bit
surprised that it should fix the issue.
Yet I see it in Chris Shiflett's article at
http://shiflett.org/articles/guru-speak-nov2004
He also advises to add ini_set('session.cache_limiter', 'private');
Can somebody explain the login behind the redirect?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
