By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,303 Members | 1,260 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,303 IT Pros & Developers. It's quick & easy.

Refresh problem

P: 34
Hi,
I have refresh problem.When user does refresh or clicks F5 then form variables again posting. It crates same a lot of inserts. I don't know How to solve it.
May 8 '07 #1
Share this Question
Share on Google+
14 Replies


ak1dnar
Expert 100+
P: 1,584
I think you are using a html form to submit the data and there might be a submit button.
Let's assume that submit button is like this.

[HTML]<input type="submit" name="sub" value="Send">[/HTML]

then from your php side use like this.

[PHP]if ($_POST['sub'])
{
// insert current coding inside this if block for getting values from html form and //inserting it to the database
}[/PHP]

php will execute only user cllicks the sub button .
May 8 '07 #2

P: 34
I have already done it. My code sample;
Submit buton definition
<input type="submit" name="kaydet" value="Kaydet">

insertion side

if($_POST['kaydet'] )
{
// I'm taking POST variables and inserting to database
}
May 8 '07 #3

ak1dnar
Expert 100+
P: 1,584
Good for you. :D
May 8 '07 #4

Purple
Expert 100+
P: 404
Hi seralasu,

I am assuming you are still having a problem with this.. a suggestion is to use Javascript on the onClick event of your submit button and set a hidden field on your form and test that rather than the submit button - the onClick event will only fire when clicked - ie it does not fire on refresh / F5..

the following code demonstrates using a basic javascript alert..
[PHP]
echo "<form name=\"test\" action=\"".$_SERVER["PHP_SELF"]."\" method = \"post\">
<input type=\"submit\" name=\"kaydet\" value=\"Kaydet\" onClick=\"javascript:alert('here');\"></input></form>";
print_r($_POST);
[/PHP]
May 8 '07 #5

P: 33
Hi,

Please check the thread http://www.thescripts.com/forum/thread576526.html

Subash :)
May 8 '07 #6

Purple
Expert 100+
P: 404
Hi Subash,

I don't think the thread you referenced answers the initial issue - the problem experience is caused by hitting refresh or F5 on a form using a method of post - basically the form is submitted every time the form is refreshed, F5 is hit or the submit button is pressed..

Rgds Purple
May 8 '07 #7

pbmods
Expert 5K+
P: 5,821
Easiest way I can think of to prevent this is to set up some unique keys in MySQL.

For example, suppose you had a table that looked something like this:

Expand|Select|Wrap|Line Numbers
  1. mysql> DESCRIBE `Data_Categories`;
  2. +------------+---------------------+------+-----+---------+----------------+
  3. | Field      | Type                | Null | Key | Default | Extra          |
  4. +------------+---------------------+------+-----+---------+----------------+
  5. | categoryid | bigint(20) unsigned | NO   | PRI | NULL    | auto_increment | 
  6. | desc       | varchar(64)         | NO   |     |         |                | 
  7. +------------+---------------------+------+-----+---------+----------------+
  8.  
Obviously, it wouldn't be useful to have a bunch of duplicate categories (this is an example; bear with me). So we would want to add a unique constraint so that every category has a different name.

To set up a unique key:
Expand|Select|Wrap|Line Numbers
  1. ALTER TABLE `Data_Categories` ADD UNIQUE KEY `catName`(`desc`);
  2.  
The `catName` is just the name of your key and can be just about anything you want it to be. You put the name of the column(s) you want constrained inside the parenthesis.

Once the unique is in place, attempting to insert a duplicate row will fail:

Expand|Select|Wrap|Line Numbers
  1. mysql> INSERT INTO `Data_Categories` (`desc`) VALUES('Tester');
  2. Query OK, 1 row affected (0.00 sec)
  3.  
  4. mysql> INSERT INTO `Data_Categories` (`desc`) VALUES('Tester');
  5. ERROR 1062 (23000): Duplicate entry 'Tester' for key 2
  6.  
[EDIT: Just to make things complicated, you can put a constraint on more than one column in the table. For example, if you used:

Expand|Select|Wrap|Line Numbers
  1. ALTER TABLE `Data_Categories` ADD UNIQUE KEY `parentData`(`parent`, `desc`);
  2.  
(assuming that `Data_Categories` also had a `parent` field)

Then an INSERT would only fail if you tried to add a row with the same `parent` AND `desc` as an existing row, but would still allow the INSERT if only one of the fields matched.]
May 8 '07 #8

P: 34
Hi,
Thanks for all replies. I will try them.
May 9 '07 #9

P: 1
To AJAXRAND (sorry - I could not post this as a reply to your comment)

It does not work. Your $_POST['sub'] will be still there (the form will be sent again with F5 - refresh).

Have a try to add at the end of your PHP script this:
echo "<PRE>POST :";
print_r($_POST);
echo "</PRE>";

Paja
Jun 30 '07 #10

kovik
Expert 100+
P: 1,044
I think you are using a html form to submit the data and there might be a submit button.
Let's assume that submit button is like this.

[HTML]<input type="submit" name="sub" value="Send">[/HTML]

then from your php side use like this.

[PHP]if ($_POST['sub'])
{
// insert current coding inside this if block for getting values from html form and //inserting it to the database
}[/PHP]
Whoa whoa whoa. NEVER use the submit button as the condition of submission. A form can be submitted without use of the submit button, and the condition will never be met (this is an IE bug, so we can't ignore it).

As for the problem of this post, it is hardly a problem at all. It's just the way that HTTP POST works. It exists on the page that was posted to, and refreshing will re-submit data no matter what the situation. Since your problem is that your submission causes more database entries, try these:

1) Check the database for that entry before adding it in.
Expand|Select|Wrap|Line Numbers
  1. $result = mysql_query("SELECT `id` FROM `table` WHERE `var1` = '" . mysql_real_escape_string($_POST['var1']) . "';");
  2.  
  3. if(mysql_num_rows() == 0)
  4. {
  5.     // Perform insertion
  6. }
  7.  
2) Create a hidden field that is filled upon posting and check for it
Expand|Select|Wrap|Line Numbers
  1. if(!empty($_POST) && isset($_POST['alreadyposted'] && $_POST['alreadyposted'] == 0)
  2. {
  3.     $alreadyposted = true;
  4.     // Handle the post
  5. }
  6.  
  7. ....
  8.  
  9. <form>
  10.     <input type="hidden" name="alreadyposted" value="<?php echo isset($alreadyposted) ? 1 : 0; ?>" />
Jun 30 '07 #11

ak1dnar
Expert 100+
P: 1,584
I Think, I made a Bad mistake without reading seralasu's Problem well.
Sorry for that.

seralasu,
Do you prefer to redirect the Page after submitting the form to another location or to the same page.

Expand|Select|Wrap|Line Numbers
  1. <?
  2. $con = mysql_connect('localhost', 'root', 'dba') or die ("Could not connect to the Database");
  3. mysql_select_db('test', $con) or die (mysql_error());
  4.  
  5. if(isset ($_POST['insert']) && $_POST['productname'] != "" ){
  6. $STR_NAME = $_POST['productname'];
  7. $SQL_INSERT = "INSERT INTO products (p_name) VALUES ('$STR_NAME')";
  8. mysql_query($SQL_INSERT) or die(mysql_error());
  9. header('Location:'.$PHP_SELF.''); 
  10. // You Can redirect to Another Page Also 
  11. //header('Location: thankyou.php'); 
  12. }
  13. ?>
  14. <html>
  15. <body>
  16. <form action="
  17. <input name="productname" type="text">
  18. <input name="insert" type="submit">
  19. </form>
  20. </body>
  21. </html>
Jul 2 '07 #12

kovik
Expert 100+
P: 1,044
Expand|Select|Wrap|Line Numbers
  1. header('Location:'.$PHP_SELF.'');
*Ahem* Umm... I really didn't think there'd be need to contradict a mod twice in the same post. I hope it doesn't seem rude, but these are points of security and usability.

$SERVER['PHP_SELF'] and it's deprecated global counterpart, $PHP_SELF, are unsafe and inconsistent. They cause different outputs on CGI installations. It is unsafe because it openly allows XSS. An alternative to $_SERVER['PHP_SELF'], in the sense that most people use it for, is basename(__FILE__).

Also, header() is not meant to accept relative paths. Browsers are not required, by standards, to accept and translate relative paths through redirection. You must always give an absolute path when using header() redirection.
Jul 2 '07 #13

P: 5
I believe the answer is here:
It uses sessions to hold a secret code and verifies on the form handle. It then creates a new secret code and overwrites the session so if the form is refreshed the two codes do not match.

php no refresh script
Jul 2 '07 #14

ak1dnar
Expert 100+
P: 1,584
*Ahem* Umm... I really didn't think there'd be need to contradict a mod twice in the same post. I hope it doesn't seem rude, but these are points of security and usability.

$SERVER['PHP_SELF'] and it's deprecated global counterpart, $PHP_SELF, are unsafe and inconsistent. They cause different outputs on CGI installations. It is unsafe because it openly allows XSS. An alternative to $_SERVER['PHP_SELF'], in the sense that most people use it for, is basename(__FILE__).

Also, header() is not meant to accept relative paths. Browsers are not required, by standards, to accept and translate relative paths through redirection. You must always give an absolute path when using header() redirection.
I really appreciate your feedback volectricity ! Thanks.

And itís a good point to start a new thread for Good and Bad PHP Code here at PHP Forum.

Thanks,
-Ajaxrand
Jul 3 '07 #15

Post your reply

Sign in to post your reply or Sign up for a free account.