-2

I am facing some problem which you can easily solve this. Form which I make work fine in first look because it store data in database when click submit button. I it also store data after I refresh Profile page. I think it will be solve if code execute only on click submit button but not on refresh the page. But don't know how to do that.

Profile.php

<?php
 include('session.php');
 include('frnd.php');
 if(!isset($_SESSION['login_user'])){
 header("location: index.php"); // Redirecting To Home Page
 }
 ?>

<!DOCTYPE html>
<html>
<head>
 <title>Your Home Page</title>
 <link href="style.css" rel="stylesheet" type="text/css">
</head>
<body>
 <span><?php echo $error; ?></span>
 <div id="profile">
  <b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b>
  <b id="logout"><a href="logout.php">Log Out</a></b>
 </div><br>
 <form action="" method="post">
 <input type="text" name="frndIn" required><input type="submit" name="add">
 </form>
</body>
</html>

Frnd.php

 <?php
  $error = ''; // Variable To Store Error Message
  if (isset($_POST['add'])) {
  if (empty($_POST['frndIn'])) {
  $error = "Please enter username of your friend";
  }
  else
  {
  $frndIn = $_POST['frndIn'];
  // mysqli_connect() function opens a new connection to the MySQL server.
  $conn = mysqli_connect("localhost", "root", "", "msg");
  $query = "INSERT INTO friend (username, friend) values (?,?)";
  // To protect MySQL injection for Security purpose
  $stmt = $conn->prepare($query);
  $stmt->bind_param("ss", $login_session, $frndIn);
  if ($stmt->execute()) 
       {
            echo "New record inserted successfully";
       } 
  else 
       {
            $error = 'Error occur';
       }
  mysqli_close($conn); // Closing Connection
  }
  }
  ?>

Edit: I solve this problem by using POST/Redirect/GET method. This video (https://www.youtube.com/watch?v=bIkqNHyj25w) is very helpful.

Nawaraj
  • 425
  • 5
  • 20
  • You could look at is the insert query itself. It should only insert a friend when it doesn't yet exist in the database. – KIKO Software Oct 13 '17 at 07:43
  • @usmanikram i don't want to redirect page to blank page when someone refresh. – Nawaraj Oct 13 '17 at 08:00
  • @KIKOSoftware It work when I click submit button but also insert page when I refresh profile page. – Nawaraj Oct 13 '17 at 08:03
  • 1
    @Nawaraj If i am understanding you question well, then whenever you refresh the page your browser asks if you want to post the data again. To resolve this issue you have to redirect your page to another page after insertion. In you case you can redirect it again to Profile.php – usman ikram Oct 13 '17 at 08:04
  • @usmanikram I want to say that profile page is already open and user submit data from that page . So if it is possible to execute query only when user click submit button then it will be better. – Nawaraj Oct 13 '17 at 08:13
  • You want your code to work correctly, regardless whether a form is submitted multiple times, or the page is redirected. The way to do that is to check if a friend already exists, before you insert it. This is the only way you can guarantee that each friend is unique. – KIKO Software Oct 13 '17 at 09:08
  • @KIKOSoftware I will do on that way. – Nawaraj Oct 13 '17 at 09:13
  • 1
    Only use blockquotes for actual quotes and use bold sparingly for emphasis, not to attract attention, so please remove it. – Funk Forty Niner Oct 13 '17 at 12:36
  • @Fred-ii- By the simple help of KIKOSoftware I have solve my problem before you suggest two answer. And also among two of them one is helpful for me. – Nawaraj Oct 13 '17 at 14:07
  • I have no need to "answer", I simply asked you to remove the blockquote, thank you. – Funk Forty Niner Oct 13 '17 at 14:08
  • @Fred-ii- Can I answer myself with my solution or delete this question. – Nawaraj Oct 13 '17 at 14:09

1 Answers1

2

After validation and successful insertion into the database in Frnd.php you need to redirect the user/client back to your Profile.php.

brombeer
  • 8,716
  • 5
  • 21
  • 27
  • If you look to profile.php code you will find include('frnd.php'); so that after user click submit button, frnd.php also execute in same page. And it was not good idea to redirect to Profile.php from Profile.php – Nawaraj Oct 13 '17 at 08:24
  • After clicking submit your page will submit the form using the POST method. This is why you get the confirmation dialog (from your browser) when you reload the page ("Should I POST the data again?"). Redirecting to Profile.php from Frnd.php will redirect using the GET method. The included Frnd.php will be included but no code is being executed since it only fires when $_POST['add'] is set. – brombeer Oct 13 '17 at 08:30