I've found a way that works for me.
Call session_start() on the initial form and set a session flag, e.g.
<?php
// Open (or resume) the visitor's session; this has to happen before the form emits any output.
session_start();

// Flag that the entry form was served. The processing page looks for this value.
$_SESSION['form'] = '1';
?>
and then using the code below in the processing form.
In the processing form you can check whether the user has come from the
submitting form by looking for the session value that is set when he/she is
on that form. If it is already set, processing can continue; otherwise stop
and redirect.
MAKE SURE to put the unset session at the end of the form.
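<?php
/*
 * Processing page for the "Add Publication" form.
 *
 * Flow: confirm the session flag set by the entry form, read the posted
 * fields, insert one row into tblproductinfo, then list every product.
 */

// The session check runs before any HTML is sent: session_start() and
// header() both emit HTTP headers, which PHP cannot do once output has begun.
session_start();
if (!isset($_SESSION['form']) || $_SESSION['form'] != 1)
{
    // Send the redirect first; the text is only a fallback body.
    header('Location: insertpublication.php');
    echo 'Go back and complete the form';
    exit;
}
// NOTE(review): the flag is a fixed value that only shows the entry form was
// served in this session. It is not a login check and not a per-request
// anti-forgery token; add those separately if this page needs them.

// create short variable names; a missing or non-string field becomes ''
$posted = array();
foreach (array('producttype', 'producttitle', 'productdescription', 'productauthor',
               'productlang', 'productprice', 'productstatus', 'productimg') as $fieldname)
{
    $posted[$fieldname] = (isset($_POST[$fieldname]) && is_string($_POST[$fieldname]))
        ? $_POST[$fieldname]
        : '';
}
$producttype = $posted['producttype'];
$producttitle = $posted['producttitle'];
$productdescription = $posted['productdescription'];
$productauthor = $posted['productauthor'];
$productlang = $posted['productlang'];
$productprice = $posted['productprice'];
$productstatus = $posted['productstatus'];
$productimg = $posted['productimg'];
?>
<html>
<head>
<title>Add Publication</title>
</head>
<body>
<h1>Add</h1>
<?php
// Required fields. Note that a value of "0" counts as empty here.
if (!$producttype || !$producttitle || !$productauthor || !$productlang ||
    !$productprice || !$productstatus)
{
    echo 'You have not entered all the required details.<br />'
        .'Please go back and try again.';
    unset($_SESSION['form']);
    exit;
}

// Report failures through return values on every PHP version, so the checks
// below run instead of an uncaught exception reaching the page.
mysqli_report(MYSQLI_REPORT_OFF);

// "@" keeps the connection warning (which can name the host and user) off the page.
@ $prodb = new mysqli('I DONT THINK SO!!!');
if (mysqli_connect_errno())
{
    echo 'Error: Could not connect to database. Please try again later.';
    exit;
}

// Insert with bound parameters: the posted text is sent as data and is never
// spliced into the SQL statement, so quotes in a field cannot alter the query.
$insert = $prodb->prepare(
    'INSERT into tblproductinfo
    (ProductType, ProductTitle, ProductDesc, ProdAuthor,
    ProductLang, ProductPrice, ProductStatus, ProductImg)
    VALUES
    (?, ?, ?, ?, ?, ?, ?, ?)'
);
$inserted = false;
if ($insert)
{
    // All eight values are bound as strings, as the original quoted literals were.
    $insert->bind_param(
        'ssssssss',
        $producttype, $producttitle, $productdescription, $productauthor,
        $productlang, $productprice, $productstatus, $productimg
    );
    if ($insert->execute())
    {
        $inserted = true;
        echo $insert->affected_rows.' book inserted into database.';
    }
    $insert->close();
}
if (!$inserted)
{
    // Generic message only; database error text stays out of the response.
    echo 'Error: The publication could not be saved.';
}

$queryshow = "
SELECT
tblproductinfo.ProductID,
tblproductinfo.ProductTitle,
tblproductinfo.ProductDesc,
tblproductinfo.ProductPrice,
tblproductinfo.ProductTQty,
tblproductinfo.ProductImg,
tblauthor.AuthorName,
tblproductlang.ProductLang,
tblproducttype.ProductType,
tblproductstatus.ProductStatus
FROM
tblproductinfo
Inner Join tblproductstatus ON tblproductinfo.ProductStatus =
tblproductstatus.ProductStatusID
Inner Join tblproductlang ON tblproductinfo.ProductLang =
tblproductlang.ProductLangID
Inner Join tblauthor ON tblproductinfo.ProdAuthor = tblauthor.AuthorID
Inner Join tblproducttype ON tblproductinfo.ProductType =
tblproducttype.ProductTypeID";
$resultshow = $prodb->query($queryshow);
if ($resultshow)
{
    echo '
<table width="700" border="1">
<tr>
<td>
Book ID
</td>
<td>
Type
</td>
<td>
Title
</td>
<td>
Description
</td>
<td>
Author
</td>
<td>
Language
</td>
<td>
Price
</td>
<td>
Status
</td>
<td>
Image
</td>
</tr>';
    while ($row = $resultshow->fetch_assoc())
    {
        // Stored values came from a form, so escape every one before it is
        // written into the page. NOTE(review): 'UTF-8' assumes the page and
        // the database connection use UTF-8 - confirm.
        $safe = array();
        foreach ($row as $column => $value)
        {
            $safe[$column] = htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
        echo '<tr>';
        echo '<td>'.$safe['ProductID'].'</td>';
        echo '<td>'.$safe['ProductType'].'</td>';
        echo '<td>'.$safe['ProductTitle'].'</td>';
        echo '<td>'.$safe['ProductDesc'].'</td>';
        echo '<td>'.$safe['AuthorName'].'</td>';
        echo '<td>'.$safe['ProductLang'].'</td>';
        echo '<td>£'.$safe['ProductPrice'].'</td>';
        echo '<td>'.$safe['ProductStatus'].'</td>';
        // The attribute is quoted so the escaped file name cannot end it early.
        echo '<td><a href="images/'.$safe['ProductImg'].'">Preview image
</a></td>';
        echo '</tr>';
    }
    echo '</table>';
    $resultshow->free();
}
else
{
    echo 'Error: Could not load the publication list.';
}

// Clear the flag so reloading this page cannot submit the form a second time.
unset($_SESSION['form']);
$prodb->close();
?>
</body>
</html>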