468,315 Members | 1,400 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,315 developers. It's quick & easy.

Browser back after POST

Hello,

I got an annoying problem using the POST-method to send a form's data:

I put a login-form on the page which is sent by the POST-method to itself.
After that the content of the POST-variables will be checked
(!empty($_SESSION['xyz'])) and the rest of the page included.
In order to show some informations (e.g. "Welcome John Doe") and becoming
independent of specific POSTs, the data is also written to
SESSION-variables.
Now if I go to another page (by link) and after that back to the login-page
by the browser's "back"-button, it cannot be displayed ("The page cannot be
displayed...").
Only if I actualize the page it is displayed regularly.
I know that this problem doesn't appear by using the GET-method, but because
of security reasons I have to use POST.
So what can I do to fix that problem?
I don't want to disable the browsers back-button (or use some JavaScript).

Thanx very much in anticipation!!

Jul 17 '05 #1
3 5606
Bernd Kohler wrote:
Hello,

I got an annoying problem using the POST-method to send a form's data:

I put a login-form on the page which is sent by the POST-method to itself.
After that the content of the POST-variables will be checked
(!empty($_SESSION['xyz'])) and the rest of the page included.
In order to show some informations (e.g. "Welcome John Doe") and becoming
independent of specific POSTs, the data is also written to
SESSION-variables.
Now if I go to another page (by link) and after that back to the login-page
by the browser's "back"-button, it cannot be displayed ("The page cannot be
displayed...").
Only if I actualize the page it is displayed regularly.
I know that this problem doesn't appear by using the GET-method, but because
of security reasons I have to use POST.
So what can I do to fix that problem?
I don't want to disable the browsers back-button (or use some JavaScript).

Thanx very much in anticipation!!

maybe it is possible to include a half-way page:
[enter-data-page] -> [confirm enter, automatcally reroute page
(processes POST data)] -> [normal page] <--> [other pages]
As you can see, the page processing the post data is not called upon again.
Jul 17 '05 #2
Following on from Bernd Kohler's message. . .
Hello,

I got an annoying problem using the POST-method to send a form's data:

I put a login-form on the page which is sent by the POST-method to itself.
After that the content of the POST-variables will be checked
(!empty($_SESSION['xyz'])) and the rest of the page included.
In order to show some informations (e.g. "Welcome John Doe") and becoming
independent of specific POSTs, the data is also written to
SESSION-variables.
Now if I go to another page (by link) and after that back to the login-page
by the browser's "back"-button, it cannot be displayed ("The page cannot be
displayed...").
Only if I actualize the page it is displayed regularly.
I know that this problem doesn't appear by using the GET-method, but because
of security reasons I have to use POST.
So what can I do to fix that problem?
I don't want to disable the browsers back-button (or use some JavaScript).

Thanx very much in anticipation!!


Not an actual answer, but this is the sort of thing where you could
usefully try a number of browsers to see the variety of ways they react.
--
PETER FOX Not the same since the icecream business was liquidated
pe******@eminent.demon.co.uk.not.this.bit.no.html
2 Tees Close, Witham, Essex.
Gravity beer in Essex <http://www.eminent.demon.co.uk>
Jul 17 '05 #3
When you submit the form, you are sending POST variables. When you click on
a link after submitting your form, you are taken to that link. Now, when you
click the back button, you are taken back - not to the original page - but
to the target page of your login form (which may happen to be your original
page, I don't know). The difference is that the page expects POST variables.
Because you are not supplying any, it displays nothing. There are two
solutions for you:

1. In your script, if there are no POST variables set, you should display
the original page as usual (I suspect that you do not, or do not have a
handler for this state)
2. Use a header("location: original_page.html");exit(); after you process
your POST variables. This will ensure that the target of your form is never
a displayed page on the client.

Regards,

PMK Media
http://www.pmkmedia.com
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by Ralph Freshour | last post: by
4 posts views Thread by interuser | last post: by
4 posts views Thread by Diffident | last post: by
3 posts views Thread by =?Utf-8?B?KioqKiBLaXRlT3JlZ29uICoqKio=?= | last post: by
3 posts views Thread by Ian Semmel | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.