On Aug 25, 2011, at 5:01, John Black <spam@xxxxxxxxxxxxxxxxxxxxxxxx> wrote: > On 24.08.2011 21:38, Mike Mackintosh wrote: >> On Aug 24, 2011, at 11:52, John Black<spam@xxxxxxxxxxxxxxxxxxxxxxxx> wrote: >>> On 08/24/2011 03:04 AM, Jason Pruim wrote: >>>> Wondering what everyone does to prevent multiple form submissions? >>>> My form is simply getting emailed to my email, and it redirects to a success page when submitted... >>>> Would it be as simple as doing something with the cache control? Basically I'm trying to avoid someone submitting a form... Then hitting back, and submitting again, then hitting back.... I think you get the idea... >>>> What do you all do? >>>> Jason Pruim >>> I am using $_SESSION for this. Set a value on the initial page, a timestamp is a good choice, then validate the value on the receiving script and clear the value. >>> I like to use a timestamp because it will allow you to deny a comment which took too long to submit. >> I've always tended to stay away from session for that, as when the browser closes/restarts, the page is accessible again. > > True, a SESSION can be reset by closing the browser but I am not trying to deny a user from submitting different information again. I want to prevent them from submitting the same data again by accident (back button or refresh). > > A visitor, enters on the form UI page, the session is set, user submits and the form will reset the value in session to null or destroy it. > > If the visitor attempts to resubmit by using refresh then it will fail because session does not contain an expected value anymore. That value is generated on the UI page. > > If the user goes back with the back button then the browser should display the page from cache. The script will not be called and it will not create a new session value. > If the browser does not use the cache it will have to reload the form. This will create a new session value and an empty form so the user may type a new message. This is like attempting to submit a new message and is something I don't block. > > > I do it this way because I don't want to prevent a visitor to submit new information and I don't think that the original question wanted that. > -- > John > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > Ah, ok. For that I submit the page and do a header location to a thank you page. This will clear the post data if the back button us clicked. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
