Solved

detect when F5 or submit

Posted on 2006-12-01
8
782 Views
Last Modified: 2008-01-09
hi,

Please assist how can we stop or prevent the page from adding the same record that was previously added when the user hits F5.
PHP mysql -a sample code will help.

<?php

if(@$_POST['submit']=="add")
{
$myQuery="insert into mytable (name) values( " . @$_POST['name'] . " )";
mysql_query($myQuery) or die(mysql_error());
}

<form name ="create" method="post">
<Input name="name" type="Text" <?php $_POST['name'] ?>>
<input name "submit type="submit" value="add">
</form>

Thanks.
0
Comment
Question by:FrankPorter
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 49

Assisted Solution

by:Roonaan
Roonaan earned 200 total points
ID: 18052768
You can redirect to a special thank you page:

if(@$_POST['submit']=="add")
{
  $myQuery="insert into mytable (name) values( " . mysql_real_escape_string(@$_POST['name']) . " )";
  mysql_query($myQuery) or die(mysql_error());
  header('Location:thankyou.php');
  exit();
}

-r-
0
 

Author Comment

by:FrankPorter
ID: 18052793
after redirecting to the thank you page, can we redirect again the the add page?
is there a standard way to do this rather than redirecting here and there?

Thanks.
0
 
LVL 49

Expert Comment

by:Roonaan
ID: 18052821
You can redirect to the "add" page as well.
0
 

Author Comment

by:FrankPorter
ID: 18052833
Is this the standard way of dealing F5 refresh scenario ? or there's a better way of handling..

Thanks.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 49

Expert Comment

by:Roonaan
ID: 18052869
It is a solution to the F5 "the page you are trying to load was submitted using POST Data" warning.

Alternatives to duplicate prevention also account for testing if data has been recently added to database, or tracking variables in sessions.

-r-
0
 
LVL 10

Assisted Solution

by:Chris_Gralike
Chris_Gralike earned 100 total points
ID: 18053220
an other method might be assigning a session value to detect an F5 stroke

<?php

$show_form = false;

if(isset($_POST['submit']) ){
    session_start();
   
    if(isset($_SESSION['submitted']) ){
                $show_form = true;
                echo "Submitted!";
    }else{
                $myQuery="insert into mytable (name) values( " . mysql_real_escape_string(@$_POST['name']) . " )";
                if(mysql_query($myQuery) ){
                       $_SESSION['submitted'] = 'true';
                }else{
                      if(isset($_SESSION['count']) ){
                               $_SESSION['count'] = "1";
                      }else{
                               $_SESSION['count'] ++;
                      }
                       
                      $_SESSION['submitted'] = 'false';
                     
                      if($_SESSION['count'] < 3){
                           header('location'.$_SERVER['PHP_SELF']);
                      }else{
                           die('3 Retries Failed, please contact the administrator');
                      }
                }
    }
}else{
      if($show_form){
            print(' <table><form etc ');
      }else{
            echo "Enable Session VARS for this script to work!";
      }
}

?>


Well there are enough ways about it i guess, so good luck! and Regards,
0
 
LVL 10

Expert Comment

by:Chris_Gralike
ID: 18053224
$show_form = false;         << This one should be "true"; :$

Sorry for that ;)
0
 
LVL 7

Accepted Solution

by:
brucepieterse earned 200 total points
ID: 18068110
An simplier way of checking if the data exists, is by checking in the database like Roonan said earlier. You can try this:

<?php

if(@$_POST['submit']=="add") {
      $checkDB = "SELECT name FROM mytable WHERE name = '". $_POST['name'] ."'";
      $resCheckDB = mysql_db_query($checkDB);
      $recordValid = mysql_num_rows($resCheckDB);
      if($recordValid >= 1) {
            echo "Your Name is already in the Database! ";
      }
else{
      $myQuery="insert into mytable (name) values( " . @$_POST['name'] . " )";
      mysql_query($myQuery) or die(mysql_error());
      }
}

<form name ="create" method="post">
<Input name="name" type="Text" <?php $_POST['name'] ?>>
<input name "submit type="submit" value="add">
</form>
Hope that helps,
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now