0

I have a form that re-submits on refresh. I've searched SO and have found nothing relating to my specific issue. I know it is better to have a separate PHP page, but for this specific project it needs to all be on one PHP page. I need the POST to reset when the page is refreshed so the form isn't automatically sent again.

Please note that I CANNOT have the page redirect somewhere else therefore I cannot use Post/Redirect/Get. The outcome I'd like to have is this: Person visits for the first time, enters correct code, script runs, then next time they visit or refresh the page etc, they have to complete the form again. Any suggestions would be much appreciated.

$code = '';
$hide = "<script>$('form').fadeOut(500).remove();
$('.wrapper').addClass('form-success');
$('.container').delay(1800).fadeOut(500);</script>";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
   $code = secure($_POST["code"]);
}

function secure($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}

if (intval($code) == 1234) {
echo $hide;
$code = '';
} else {
echo "Failed";
$code = '';
}
Verpz
  • 131
  • 3
  • 13

2 Answers2

2

Are you sure? It's perfectly fine to redirect the user to the current page, and I'm pretty sure that's your best option. So after processing the code, redirect the user to the current page, and a refresh will no longer re-submit the form. Just make sure you redirect using HTTP Response code 303; [it triggers a GET request][1]:

This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable.

You can do this by using header after the submit has been processed (but before any html has been send to the user):

header('Location: '.$_SERVER["PHP_SELF"], true, 303);
Sjon
  • 4,989
  • 6
  • 28
  • 46
  • Thanks, do you have an example of how to do that? I haven't taken the time to learn PHP properly yet, so I can get rather confused at times. Would I just use action="index.php" in the form? or would I use header(Location:) in the PHP script its self? @Sjon – Verpz Mar 20 '16 at 20:19
  • This is my current action: action="" – Verpz Mar 20 '16 at 20:22
  • Thanks, I'll give it a go when I get home. – Verpz Mar 20 '16 at 22:16
  • It returns the following error: "Cannot modify header information - headers already sent" – Verpz Mar 21 '16 at 04:28
  • How do I send it before any HTML? – Verpz Mar 21 '16 at 04:36
  • Have a look at [How to fix “Headers already sent” error in PHP](http://stackoverflow.com/a/8028987/3749523) – Sjon Mar 21 '16 at 08:45
  • I've moved the form action code as high as possible and removed spaces before – Verpz Mar 21 '16 at 09:16
  • I can't move the form code any higher and there is no echo / print before the header is called – Verpz Mar 21 '16 at 09:17
  • What line is PHP reporting `output started at #` – Sjon Mar 21 '16 at 09:18
  • "Cannot modify header information - headers already sent by (output started at path/index.php:45) in path/index.php on line 3
    was not found on this server." Line 3, would you like to move this to a chat? @Sjon     – Verpz Mar 21 '16 at 09:20
  • what if it redirects to a separate page but is then redirected back to the original. Would that work or would that lose the POST data? – Verpz Mar 22 '16 at 09:49
0
if (!empty($_POST)) setcookie ("last_post", implode($_POST),time()+360000);
if (!empty($_POST) and $_COOKIE['last_post'] == implode($_POST)) $_POST = [];

With a POST request, we will add data to the cookies, with subsequent POST requests, we check them and if they are different from each other, we pass the parameters further.

Vehsika
  • 1