0

My function like this :

public function index()
{
    $stores = $this->store_service->getListStore();
    return view('store.index', compact('stores '));
}

If the method called, it will call store page

I want to add validation server side. So if user open the store page, user can not back to previous page

How can I do it?

moses toh
  • 12,344
  • 71
  • 243
  • 443
  • 1
    Why do you want to prevent the user from going back to the previous page? – Vindur Aug 07 '17 at 09:49
  • @Vindur, It is okay. On a certain page, I want the user can not go back to the previous page. So not all pages – moses toh Aug 07 '17 at 09:52
  • 1
    You could create a session when the user visits the page. Then when the user tries to go back, check if the session exists, if it does, redirect the user. – Vindur Aug 07 '17 at 09:54
  • If you want to prevent the user from going back you need to disable the back button using javascript. Have a look at this link: https://stackoverflow.com/a/25665232/3887342 – PaladiN Aug 07 '17 at 09:54
  • Is it like an order page with steps and you can't go back from step 2 to step 1? – ka_lin Aug 07 '17 at 10:00
  • @PaladiN, What if it's inject from url? So in addition to client side validation, it also requires server side validation – moses toh Aug 07 '17 at 10:02
  • @PaladiN, I have added client side validation. I also want to add server side validation as well – moses toh Aug 07 '17 at 10:04
  • @SuccessMan you might want to disallow get request for that link. and use the post request from your site. There might be some other solutions too. – PaladiN Aug 07 '17 at 10:04
  • @PaladiN, It seems like using a post can also be hacked – moses toh Aug 07 '17 at 12:12
  • @Vindur, It does not seem like the best way. Because I have to add conditions on all pages – moses toh Aug 07 '17 at 12:15

2 Answers2

1

Include a middleware in the routes and check the request in the middleware. If the request is coming from stores (or whatever page you want to prevent the user to go) redirect the user to the previous page. This way even if a user click the back button, the user will be presented to the same page.

You can check for path like this: $request->path() and if the path is not what you want your user to go then redirect to the previous page

anshuraj
  • 332
  • 1
  • 5
  • 16
0

You cannot handle browser events using server side code. According to me you will have to push your URL in push state and clean the browser history. You can use below code.

$(document).ready(function(){ 
    window.history.pushState(null, "", window.location.href);
     window.onpopstate = function() { 
           window.history.pushState(null, "", window.location.href);
     }; 
});
Nikhil G
  • 2,096
  • 14
  • 18
  • What if it's inject from url? So in addition to client side validation, it also requires server side validation – moses toh Aug 07 '17 at 10:01
  • I have added client side validation. I also want to add server side validation as well – moses toh Aug 07 '17 at 10:04
  • Okay, you can maintain a flag. For example when user visits store page, set a flag (you can use session) and when user visits next page destroy that session. Now you just need to check whether that variable isset or not. – Nikhil G Aug 07 '17 at 10:08
  • It does not seem like the best way. Because I have to add conditions on all pages – moses toh Aug 07 '17 at 12:14
  • Ok. One more option you have is, to destroy the session in the view file of the store page, keep the code for destroying the session at the end of file. I am not sure whether this is good practice or not. But this will surely work and you'll not have to add condition on all pages. – Nikhil G Aug 07 '17 at 12:28