Solved

stop user from going back

Posted on 2002-04-04
7
201 Views
Last Modified: 2006-11-17
Hi,

I have a form where the user enters his info (file1.php)
When the user hits submits he is sent to (file2.php) where it displays all his info he then has to hit submit again to confirm.  He is then sent to (file3.php) where all his info is submitted to the database and displays a thank you messages.  

My question what is the best way to stop the user (when he is at file3.php) to hit the back button and hit submit again?  I would like it if he was to hit the back button he would get an error message and a link to the main page.

Thanks


0
Comment
Question by:onestar
7 Comments
 
LVL 3

Expert Comment

by:winningl
ID: 6918578

Sorry, that's impossible. But there are some ways to make it harder.

1. Try to use session variables, if they hit the back button, the session expired.

2. for the page after a submit, change the history to history.go(1) onload


winningl
0
 
LVL 32

Expert Comment

by:Batalf
ID: 6919402
I have worked with a similar problem when I was developing a quiz for a company. My solution was :

1) Create a sesson-cookie, either with php-sessions or with a self-made cookie, example:

setcookie("sessionID","2002-04-03 00:04:00hjkahsdfueredf34");

The value of the cookie has to be unique, that's the main issue here.

Then, you use a db-table to store what pages the user has finished,

example

table: sessionPages
ID int
sessionID varchar(128),
page char(1);

then after each submit you store an entry in this table, for instance:

insert into sessionPages(sessionID,page)values('$sessionID','1')

for the first page.

THen:
At the top of file1.php, you check if the user with this specific cookie has been on file1.php before:

"select ID from sessionPages where page='1' and sessionID='$sessionID'"

If you're able to retreve data from this query, then forward the user to "file2.php"

header("location:file2.php");

Then you have the same at file2.php, but there you forward the user to file3.php if he has been on file2.php before.

That's a solution which works great for me.

I hope this could help you.

Regards
Batalf
0
 
LVL 4

Expert Comment

by:lokeshv
ID: 6920122
a good one .....

Lk
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 5

Accepted Solution

by:
dkjariwala earned 50 total points
ID: 6920185
I have done thing similar to batalf but different way.

What I did is every form I generate would have a unique number identifying that form.

So it would be like


<form name="blah" action="myscript.php">

<input type="hidden" name="formid" value="21342342342323423423">

//other details go here.


</form>

Now the value formid would be stored in DB.
When someone submits the form, I check the formid. Then following steps are taken.

1. It must be non empty otherwise I do not accept form. [This is needed cause ppl can trick those forms with hidden fields very easily.]

2. If it is having some number, I check against my db, and see If this form is submitted earlier. If yes, then I don't allow to submit it. Otherwise I submit it and set field in db saying form id = #### is submitted.

So table would be like

//table forms
formid, is_submitted

If you make formid, which incorporates date somehow then you can clean up the table on day to day basis.


JD
0
 
LVL 1

Author Comment

by:onestar
ID: 6920678
Thanks for the ideas I will try them out and let you guys know how I make out....

Onestar
0
 
LVL 1

Expert Comment

by:Steves2001
ID: 6921465
Try this at the top of your form pages it should at least make them think
<?
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    // Date in the past
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");           // always modified
header ("Cache-Control: no-cache, must-revalidate");  // HTTP/1.1
header ("Pragma: no-cache");                          // HTTP/1.0
?>
0
 
LVL 1

Expert Comment

by:Steves2001
ID: 6922114
Sorry forgot to add before any other output to the browser (above the <HTML> tag
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Checking CSRF token within a function 36 74
Attach to file (img) a unique id 8 26
send post values 7 26
two ways encryption with php 3 26
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question