3

I'm creating a form and using it to get data input to send to a MySQL database via php. If someone hits refresh on the page Firefox ressends the last set of information to the php page which in turn sends it to the database. Is there anyway to prevent this?

Improve this question
1
  • Not a "way" but strict rule, from HTTP standard. Commented Dec 12, 2010 at 13:25

6 Answers 6

Reset to default
7

To fix that problem, there exists Post/Redirect/Get pattern you need to follow :)

Post/Redirect/Get (PRG) is a common design pattern for web developers to help avoid certain duplicate form submissions and allow user agents to behave more intuitively with bookmarks and the refresh button.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

7

You need to do a redirect to the same page:

$current_url = (empty($_SERVER['HTTPS']) ? "http://" : "https://") . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; header ('Location: ' . $current_url); exit ();
Improve this answer

5 Comments

The only answer with actual code, and it turns to be ugly as a nightmare. May you please choose a bit less ugly construction? Not to repeat whole string twice to alter just one letter, for example?
@Col - How about this: $current_url = "http" . (!empty($_SERVER['HTTPS']) ? "s" :"") "://".$_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
@Agent I'd leave whole https inside of condition in sake of readability. Though ternary operator is a huge hole in readability itself. And also HTTP_HOST should be used instead of SERVER_NAME
@Col: Fair enough. I didn't actually write this answer, of course, I'm just playing with your comment. Well, I hit the rep cap for today, I guess it's bed time. :) Have fun, Col.
@Col Shrapnel: Edited according to your suggestions. Thanks.
2

The usual way to do this is to use a redirect.

You get the request, use the data it contains to load your database or whatever, and then perform a redirect (I think you're supposed to use a 303 redirect for this, but I've heard of a lot of people using 302s to avoid certain browser glitches).

The net effect of this is that there was no POST data sent when the redirect occurred, so refreshing can't cause it to be resent and screw up your application/database.

Improve this answer

Comments

0

If you don't like any of the above and are using JQUERY. You could do a simple load or ajax function to send the information to your script.

This will erase any chance of duplicate sending and you no page reload. I like this method best, it's fast and easy.

Another solution you can do is have your form send to another page, a bit like this:

<form action="chat_server.php" method="post"> Message: <input type="text" name="message" /> <input type="submit" /> </form>

On the chat_server.php file, you do what you need to do with the data and at the end, you do

echo '<meta http-equiv="REFRESH" content="0; url=chat.php" />';

Give it a try, should get rid of your problem.

Improve this answer

Comments

-1

Yes. After inserting data you do a redirect.

Improve this answer

Comments

-1

use a code in a hidden input and this code getting by a table codes for exmaple and if the code sending remove it from database and if the code not set in the table dont accept the query

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.