6

I have a login system, and while logged in, if I refresh the browser, Chrome shows a pop up window titled "Confirm Form Resubmission." I assume that the same thing would happen with other browsers.

How can I allow the browser to be refreshed without this confirmation pop-up window? Of course, I would also like to stay logged in while refreshing the browser.

AfromanJ
  • 3,922
  • 3
  • 17
  • 33
John
  • 4,820
  • 21
  • 62
  • 92

2 Answers2

16

After processing the POST page, redirect the user to the same page.

On http://test.com/test.php

header('Location: http://test.com/test.php');

This will get rid of the box, as refreshing the page will not resubmit the data.

Tyler Carter
  • 60,743
  • 20
  • 130
  • 150
  • Thanks... this seems promising, but when I added it to my index page, the page wouldn't load and Chrome said that it had a redirect loop problem. – John Mar 10 '10 at 05:16
  • 4
    You have to only redirect it when you detect POST data. Test for something like `if($_SERVER['REQUEST_METHOD'] == "POST"){ header('blah blah blah'); }` – Tyler Carter Mar 10 '10 at 05:17
  • Yes, just putting it on the page anywhere will redirect the user every time, creating a redirect loop to the same page. You have to have some statement that will stop it. – animuson Mar 10 '10 at 05:19
  • Thanks Chacha102... it works. I really appreciate your help. You are cool. – John Mar 10 '10 at 05:22
  • 2
    Note that any header('Location:.. must be always followed by `exit;` to prevent further code execution – Your Common Sense Mar 10 '10 at 05:26
  • Doesn't hurt, but any code execution after a Location header is a rather serious bug in PHP, I think. – David Spector Jul 17 '22 at 11:42
0

Alright, so at the top of you login page, you can just have this:

<?php
if (isset($_POST['username'])) {
// Do you login stuff here....

if ($passed == true) {
    header('Location: index.php');
} else {
    echo "Invalid username/password!";
}
Sean Fisher
  • 625
  • 5
  • 13