Clearing POST DATA for Browser Refresh

tmax wrote:

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise,
click Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed,
the page is reloaded without this message being displayed.

Thanks in advance.

Don't redirect to the form; redirect to a summary page without the form
or make your form page sensitive to whether the $_POST data is available
and do not have it emit a <form> if the $_POST data is available.

I prefer the first method over the second.

-david-

"tmax" <tm**@comcast.net> wrote in message
news:82***************************@PGTV.COM...

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise, click
Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed, the
page is reloaded without this message being displayed.

Thanks in advance.

In the script to which the form submits, store the $_POST data somewhere
else, say a session. Then, use this:

header("Location: http://host/path/to/script.php");
exit();

to bounce the user to another page. Most browsers know to not re-submit the
post data to this new page. The new script can even be the originating
one - as long as you use the location: header, you'll be fine. You can then
access the submitted data wherever you stored it.

PS. if you're using a session to store the data, call session_write_close()
before the header() call, otherwise nasty things happen on some browsers.

dave

d wrote:

"tmax" <tm**@comcast.net> wrote in message
news:82***************************@PGTV.COM...

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise, click
Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed, the
page is reloaded without this message being displayed.

Thanks in advance.

In the script to which the form submits, store the $_POST data somewhere
else, say a session. Then, use this:

header("Location: http://host/path/to/script.php");
exit();

to bounce the user to another page. Most browsers know to not re-submit the
post data to this new page. The new script can even be the originating
one - as long as you use the location: header, you'll be fine. You can then
access the submitted data wherever you stored it.

PS. if you're using a session to store the data, call session_write_close()
before the header() call, otherwise nasty things happen on some browsers.

dave

Just curious, but is there / would you recommend a good alternative for
the Sessions?

Frizzle.

Well, I've tried everything that has been suggested so far - thanks for
everyone's input.

However, let me restate the problems differently as I believe it wasn't
correct to begin with.

I have a file: index.php

index.php contains a form, which when submitted for processing, calls
itself using <form method="POST" action="{$_SERVER['PHP_SELF']}">

When the form is submitted and index.php is reevaluated, I have the
following IF statement: (FYI: 'submit' is the name of the submit button.)
------------
IF ( !isset($_POST['submit']) ) {
// The form has NOT been SUBMITTED - display the form

echo <<<htmloutput
<form method="POST" action="{$_SERVER['PHP_SELF']}">
...
</form>
htmloutput;

} ELSE {
// The form was SUBMITTED - process the form

process the form data, etc. and print in PLACE of the form the
following:

echo "Information submitted... Thank you.";
}
-------------

I understand I can redirect to a (different) summary page, but all I
want to do is replace the form with the summary message. The problem
comes into being when, after the summary message is displayed, the user
goes to refresh the browser. The browser is still caching the form data
for resubmission. I've tried things like: unset($_POST) or
unset($_POST['submit']) (and all the other form fields) but that has no
affect.

Any other suggestions?

Thanks in advance.

d wrote:

"tmax" <tm**@comcast.net> wrote in message
news:82***************************@PGTV.COM...

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise, click
Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed, the
page is reloaded without this message being displayed.

Thanks in advance.

In the script to which the form submits, store the $_POST data somewhere
else, say a session. Then, use this:

header("Location: http://host/path/to/script.php");
exit();

to bounce the user to another page. Most browsers know to not re-submit the
post data to this new page. The new script can even be the originating
one - as long as you use the location: header, you'll be fine. You can then
access the submitted data wherever you stored it.

PS. if you're using a session to store the data, call session_write_close()
before the header() call, otherwise nasty things happen on some browsers.

dave

I have to ask, why would you assume your users would refresh that page
rather than following a link somewhere else?

I have to ask, why would you assume your users would refresh that page
rather than following a link somewhere else?

I don't think there is another solution than storing state information
somehwere.
I would use the following method:

1. Before displaying the form, generate some unique number
2. add this number in a hidden field in the form.
3. When the user submits, mark the number as 'used'
4. When the user submits again, ignore the data, because the number
has already been 'used' up.

The simplest way to do this is to create a counter, either in a file on disk
or in
a database. Before you send the form to the client, increment the counter
and send
the counter value in a hidden field in the form.

If you save the form data in a database table, add a 'counter' field to the
table.
When the form is first submitted, a record with the counter value sent with
the form should not exist. Save data and counter.
If the form is submitted for a second or third time, the counter is already
present in
your table, so you should ignore the data in the post.

Using a session cookie is, I think, less work.
"tmax" <tm**@comcast.net> wrote in message
news:82***************************@PGTV.COM...

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise, click
Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed, the
page is reloaded without this message being displayed.

Thanks in advance.

True, they could instead following some other link and decide not to
refresh the page. However, I would like the page to function such that
refreshing the page simply re-displays a new blank form (after all,
refreshing a page is conceptually akin to resetting.)

I started off on this path thinking that this format should be
relatively easy to code with one if-else statement. So far, it has been
easy to code (the form and summary message work great, with very little
coding). I keep thinking that there is some PHP mechanism that isn't
being used properly here (due to my PHP inexperience.)

Any suggestions?

P-Rage wrote:

I have to ask, why would you assume your users would refresh that page
rather than following a link somewhere else?

"frizzle" <ph********@gmail.com> wrote in message
news:11**********************@o13g2000cwo.googlegr oups.com...

d wrote:

"tmax" <tm**@comcast.net> wrote in message
news:82***************************@PGTV.COM...

> PHP Pros:
>
> I have a simple html form that submits data to a php script, which
> processes it, and then redisplays the same page, but with a "thank you"
> message in place of the html form. This is all working fine. However,
> when refresh the browser, I get the following message displayed:
>
> "The page you are trying to view contains POSTDATA. If you resend the
> data, any action the form carried out (such as as search or online
> purchse) will be repeated. To resend the data, click OK. Otherwise,
> click
> Cancel."
>
> Obviously I don't want my users to resend the data to me.
>
> What do I need to do code-wise so that when the browser is refreshed,
> the
> page is reloaded without this message being displayed.
>
> Thanks in advance.
In the script to which the form submits, store the $_POST data somewhere
else, say a session. Then, use this:

header("Location: http://host/path/to/script.php");
exit();

to bounce the user to another page. Most browsers know to not re-submit
the
post data to this new page. The new script can even be the originating
one - as long as you use the location: header, you'll be fine. You can
then
access the submitted data wherever you stored it.

PS. if you're using a session to store the data, call
session_write_close()
before the header() call, otherwise nasty things happen on some browsers.

dave

Just curious, but is there / would you recommend a good alternative for
the Sessions?

Databases or files spring to mind :)
Frizzle.

"tmax" <tm**@comcast.net> wrote in message
news:1f***************************@PGTV.COM...

Well, I've tried everything that has been suggested so far - thanks for
everyone's input.

However, let me restate the problems differently as I believe it wasn't
correct to begin with.

I understand completely what you're asking :)

Try this code:

<?

session_start();

if (isset($_POST["data"])) {
$_SESSION["data"]=$_POST["data"];
session_write_close();
header("Location: ".$_SERVER["SCRIPT_URI"]);
exit();
}

if (isset($_SESSION["data"])) {
?>
<html>
<head><title>Thanks!</title></head>
<body>
Thank you for submitting your data:<br>
<?=$_SESSION["data"];?>
</body>
</html>
<?
} else {
?>
<html>
<head><title>Please Submit</title></head>
<body>
Use the form to submit your data:<br>
<form method="post">
<input type="text" name="data"><br>
<input type="submit" value="Go!">
</form>
</body>
</html>
<?
}
?>

It will show a form, and take that posted data and store it in a session.
Then, the script re-directs you back to itself, and that redirection stops
your browser wanting to resubmit the data when refreshed. The session is
then checked, and if the data is present, a thank-you note is displayed. If
not, it then shows the initial form.

dave

"tmax" <tm**@comcast.net> wrote in message
news:a3***************************@PGTV.COM...

True, they could instead following some other link and decide not to
refresh the page. However, I would like the page to function such that
refreshing the page simply re-displays a new blank form (after all,
refreshing a page is conceptually akin to resetting.)

I started off on this path thinking that this format should be relatively
easy to code with one if-else statement. So far, it has been easy to code
(the form and summary message work great, with very little coding). I
keep thinking that there is some PHP mechanism that isn't being used
properly here (due to my PHP inexperience.)

Any suggestions?
The header("Location: ") command :) See my other post... ;)
P-Rage wrote:

I have to ask, why would you assume your users would refresh that page
rather than following a link somewhere else?

Thank You Dave!!!

This code works - I used ob_start() to get around some header() errors,
but after implementing that, my form and page works exactly as I
intended it to. Learned quite a bit from all of this too. Thanks again!

Travis
d wrote:

"tmax" <tm**@comcast.net> wrote in message
news:1f***************************@PGTV.COM...

Well, I've tried everything that has been suggested so far - thanks for
everyone's input.

However, let me restate the problems differently as I believe it wasn't
correct to begin with.

I understand completely what you're asking :)

Try this code:

<?

session_start();

if (isset($_POST["data"])) {
$_SESSION["data"]=$_POST["data"];
session_write_close();
header("Location: ".$_SERVER["SCRIPT_URI"]);
exit();
}

if (isset($_SESSION["data"])) {
?>
<html>
<head><title>Thanks!</title></head>
<body>
Thank you for submitting your data:<br>
<?=$_SESSION["data"];?>
</body>
</html>
<?
} else {
?>
<html>
<head><title>Please Submit</title></head>
<body>
Use the form to submit your data:<br>
<form method="post">
<input type="text" name="data"><br>
<input type="submit" value="Go!">
</form>
</body>
</html>
<?
}
?>

It will show a form, and take that posted data and store it in a session.
Then, the script re-directs you back to itself, and that redirection stops
your browser wanting to resubmit the data when refreshed. The session is
then checked, and if the data is present, a thank-you note is displayed. If
not, it then shows the initial form.

dave

tmax wrote:

Thank You Dave!!!

This code works - I used ob_start() to get around some header() errors,
but after implementing that, my form and page works exactly as I
intended it to. Learned quite a bit from all of this too. Thanks again!

Travis
d wrote:

"tmax" <tm**@comcast.net> wrote in message
news:1f***************************@PGTV.COM...

Well, I've tried everything that has been suggested so far - thanks
for everyone's input.

However, let me restate the problems differently as I believe it
wasn't correct to begin with.

I understand completely what you're asking :)

Try this code:

<?

session_start();

if (isset($_POST["data"])) {
$_SESSION["data"]=$_POST["data"];
session_write_close();
header("Location: ".$_SERVER["SCRIPT_URI"]);
exit();
}

if (isset($_SESSION["data"])) {
?>
<html>
<head><title>Thanks!</title></head>
<body>
Thank you for submitting your data:<br>
<?=$_SESSION["data"];?>
</body>
</html>
<?
} else {
?>
<html>
<head><title>Please Submit</title></head>
<body>
Use the form to submit your data:<br>
<form method="post">
<input type="text" name="data"><br>
<input type="submit" value="Go!">
</form>
</body>
</html>
<?
}
?>

It will show a form, and take that posted data and store it in a
session. Then, the script re-directs you back to itself, and that
redirection stops your browser wanting to resubmit the data when
refreshed. The session is then checked, and if the data is present, a
thank-you note is displayed. If not, it then shows the initial form.

dave

His code should work fine as long as you don't have *anything* before
the first line - including blank lines, spaces and DOCTYPE statements.

You should not need ob_start().

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

On 2006-02-14, tmax <tm**@comcast.net> wrote:

PHP Pros:

I have a simple html form that submits data to a php script, which
processes it, and then redisplays the same page, but with a "thank you"
message in place of the html form. This is all working fine. However,
when refresh the browser, I get the following message displayed:

"The page you are trying to view contains POSTDATA. If you resend the
data, any action the form carried out (such as as search or online
purchse) will be repeated. To resend the data, click OK. Otherwise,
click Cancel."

Obviously I don't want my users to resend the data to me.

What do I need to do code-wise so that when the browser is refreshed,
the page is reloaded without this message being displayed.

Thanks in advance.

I think this will work.
when they post the form issue a redirect
(use a fixed pitch font or the following won't make much sense)

user posts automatic user navigates
form -----> redirect ------> thankyou --------> further
page page

when the user goes back from the "further" page they'll hit the
thankyou page (which was got by the redirect so no data to post)
(back again gets them to the form.)
Bye.
Jasen

P-Rage:

I have to ask, why would you assume your users would refresh that page
rather than following a link somewhere else?

Browsers developed under a misconception of History lists ask you if
you want to resend POST data after, say, you follow a link away from
the page to which the form directed you, and then, for whatever reason,
move Back to that page. By HTTP, if the user has not reconfigured
their browser to refresh stale History items, this should not happen
(sec. 13.13). The solutions put forward in this thread, if serving no
other purpose, work around that bug.

--
Jock