All geek questions in one place

Preventing resubmission of the view when updating the browser

The code below works fine. In a file called submit.php, the user can enter the presentation through the form. The form is submitted to submit2.php, where some code inserts the view into the MySQL database. So far so good.

Here's the problem: after the user has landed on submit2.php, if the user refreshes the browser, a pop-up window “Confirm form filling” will appear. Then, if the user clicks Continue on this popup, the view will be resubmitted to the MySQL database.

How to do it do on submit2.php:

  • A popup window will not appear if the browser is updated.

  • The application will not be resubmitted to the database.

Thanks in advance,

John

In submit.php:

echo '<form action="http://www.domain.com/sample/submit2.php" method="post"> 
    <input type="hidden" value="'.$_SESSION['loginid'].'" name="uid">  

    <div class="submissiontitle"><label for="title">Story Title:</label></div> 
    <div class="submissionfield"><input name="title" type="title" id="title" maxlength="1000"></div>  

    <div class="urltitle"><label for="url">Link:</label></div> 
    <div class="urlfield"><input name="url" type="text" id="url" maxlength="500"></div>

    <div class="submissionbutton"><input name="submit" type="submit" value="Submit"></div> 
</form>
';

In submit2.php:

if (isLoggedIn() == true)
{

$remove_array = array('http://www.', 'http://', 'https://', 'https://www.', 'www.');
$cleanurl = str_replace($remove_array, "", $_POST['url']);
$cleanurl = strtolower($cleanurl);
$cleanurl = preg_replace('/\/$/','',$cleanurl);
$cleanurl = stripslashes($cleanurl);

$title = $_POST['title'];
$uid = $_POST['uid'];
$title = mysql_real_escape_string($title);
$title = stripslashes($title);
$slug = str_replace(' ', '-', $title);

echo '-'.$site1.'-';

$cleanurl = mysql_real_escape_string(trim($cleanurl));

$site1 = 'http://' . $cleanurl;

$displayurl = parse_url($site1, PHP_URL_HOST);

function isURL($url1 = NULL) {
        if($url1==NULL) return false;

        $protocol = '(http://|https://)';
        $allowed = '[-a-z0-9]{1,63}';

        $regex = "^". $protocol . // must include the protocol
                         '(' . $allowed . '\.)'. // 1 or several sub domains with a max of 63 chars
                         '[a-z]' . '{2,6}'; // followed by a TLD
        if(eregi($regex, $url1)==true) return true;
        else return false;
}



if(isURL($site1)==true)
    mysql_query("INSERT INTO submission VALUES (NULL, '$uid', '$title', '$slug', '$cleanurl', '$displayurl', NULL)");
else
    echo "<p class=\"topicu\">Not a valid URL.</p>\n";

} else {
    // user is not loggedin
    show_loginform();
}
+3
2

/ , , -/, , .

:

: info_form.php , . POST .

-, : info_submit.php , . . , , , GET (.. : info_confirm.php? Success = 1)

-, : info_confirm.php , , GET.

, , . (, , ), . , , , , GET-, .

0

Source: https://habr.com/ru/post/1752330/

More articles: