#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2004
    Location
    Boston, MA USA
    Posts
    379
    Rep Power
    47

    Backing Up through a Form submission


    I have an application written in PHP/MySQL.

    How can I keep users from using the "back" function and accidentally re-submitting a form that they have just submitted?

    Thanks

    (oops, I accidentally did just that... sorry for the duplicate post)
  2. #2
  3. Confused badger
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Mar 2009
    Location
    West Yorkshire
    Posts
    1,111
    Rep Power
    487
    In your form, you could use a "form token" (a random hash) which is sent over and then stored with the data, if that token's already been used then don't re-import the data, the browser will still whine if the user pressed back (nothing you about that) but at least your form data won't be logged twice.
    "For if leisure and security were enjoyed by all alike, the great mass of human beings who are normally stupefied by poverty would become literate and would learn to think for themselves; and when once they had done this, they would sooner or later realise that the privileged minority had no function and they would sweep it away"
    - George Orwell, 1984
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2004
    Location
    Boston, MA USA
    Posts
    379
    Rep Power
    47
    Originally Posted by badger_fruit
    In your form, you could use a "form token" (a random hash) which is sent over and then stored with the data, if that token's already been used then don't re-import the data, the browser will still whine if the user pressed back (nothing you about that) but at least your form data won't be logged twice.
    Great! Thanks for the reply.

    So, I assume therefore, that I need to add a new field to each of my data tables and then I need to modify every routine with a "submit" statement to add a "pre-submit" query to check for the existence of the same token.... Right?
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    This is overkill as long as you just wanna prevent the browser from resubmitting the form. See your other thread.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo