0

I am junior PHP dev and I am currently working on making a quote form which will take customer details and whatever the employee enters in the quote form and will:

  • Save customer and quote detail to DB.
  • Generate a PDF (using mpdf library)
  • Email the pdf to the customer

Currently its just two files index.php and quote.php

Here is a diagram

https://i.sstatic.net/VaQJw.png

As you can see it is a monolithic architecture (I have all the operation in one PHP file).

This is causing problems as when the user hits "SUBMIT" and quote.php does all its functions , the user is stuck on that page. Then if they hit Refresh , quote.php will be re-executed again and it ends up spamming my database tables, and email inbox.

I was wondering what is the best way to prevent the user from re-executing or going back to doing stuff which should only be done once.

I had a couple of ideas and was hoping you could suggest me yours?

  • Idea 1: A session variable that prevents re-execution of the same code.

  • Idea 2: Break up the quote.php file into seperate files and jump from each one. (is this possible)?

I want to do this the best way possible and I am open to any suggestions!

Thankyou for your time!

:)

Improve this question
1
  • 2
    i think it's better to use session variable Commented Dec 13, 2011 at 11:39

6 Answers 6

Reset to default
1

If the form takes a while to process (PDF generation can take time) then a good first step would be to stop the user from re-submitting the form. Use javascript to disable the submit button and maybe show a loading icon so they know something is happening.

Once the code has finished executing you will want to redirect them to another page so that you don't have the problem of them refreshing the page.

This is quite simple, just send a header...

// do PDF and email code // now redirect user to thank you page header("Location: thank_you.php"); exit();
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So do I need to create a new php file called thank_you.php with some html etc? :)
Yep that would be the best thing
1

After you have saved customer details, redirect to some different page like thank you page. Also, You can store a flag in session like quote_submitted = 1 after successful operation. Then when refresh is hit or on submit, check it, to avoid looping operations.

Otherwise, is there any way you are storing some customer ID ? Then you can check weather customer has saved his record or not, so there won't be duplicate submissions.

Improve this answer

2 Comments

I have a column in my table called "quote" which is (Yes/No) as sometimes we might just save customer details who do not want a quote right away. :)
then, if quote is 'yes', do nothing. But if quote is 'no', then accept the quote, store it and update the record for that customer by changing quote column value for that customer as 'yes'. So next time he/she tries we are not doing duplicate operations. I think this helps. :)
1

What you want to do is called PRG or Post/Redirect/Get. After a successful POST request you redirect to another page via a Location header. This page will only display something (e.g. a status message) but not perform any actions. Hitting F5 will then just reload that page instead of executing the POST request again.

Obviously it also works without POST, but using GET for an action that modifies things is not really a good idea anyway.

Improve this answer

2 Comments

This sounds interesting, can you link me to some code examples or resources! Thanks :)
All you need to do is header('Location: othersite.php'); exit; after performing your operation.
0

If all is correct you can send a header:

header('Location: http://www.yourdomain.com/another_page.php');

and jump to another page

Improve this answer

Comments

0

First, you should redirect to a different page after the form is submitted. That page usually indicates success or failure. Since nothing prevents the visitor from going back to the form page and submitting it again, using a session variable is your best bet to prevent re-execution. It's not fool-proof though because the session expires when the browser is closed, but it does prevent accidental re-submissions.

Improve this answer

Comments

0

One possibility is, to implement the post-redirect-get approach.

Simply said, a POST request will be never delivered to the browser. Instead you execute all necessary actions and store the information you need in the session, and then you make a redirect with code 303.

$page = 'quote_done.php'; header('Location: '.$page, true, 303); exit;

Doing it this way, the browser will show the "quote_done.php" page (a GET request) instead of the page requested with POST. This is also the page that is added to the history, so refreshing and using the back button will never do another POST request. As a nice side effect you get rid of browser warnings about resending data, normally the user cannot decide what to do then anyway.

I think the biggest problem with this approach is, that you need a session to store error messages, that means you have to rely on cookies. If you do no redirect to display errors, the browser will show the warning about resending data.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.