-1

I created a form and when I submit the form, my php writes the form data to a database. Done.

But now I am seeing that the form is still written to the database when some fields are left blank, the code just writes variables left over from the last submission that had the form field filled out.

I have tried the following if statement but this is not cutting it:

if ( isset( $_POST['request_num']) ) {
// write to the database
}

Can I modify the if-statement to say: run the code IF the variable $_POST['request_num'] has been set on this submission and ignore all old value set by previous submissions?

David
  • 65
  • 2
  • 8
  • Maybe a little off-topic, but please assure us you know the security issues around accepting unfiltered, unvalidated $_POST data. – David Oct 24 '19 at 14:44
  • well I filter the input with `htmlspecialchars()` so I think that addresses the security, right? – David Oct 24 '19 at 15:02
  • just saying, the code example I saw didn't have any escaping or sanitizing or filtering. – David Oct 24 '19 at 15:39

1 Answers1

0

You can try this:

if (!empty( $_POST['request_num'])) {
    // write to the database
    header('Location: index.php');
}

Using the header will ensure that you won't refresh from the browser and resend the form data. Replace index.php with the proper file name.

Mihai M
  • 26
  • 4
  • Header sends you to your php file clearing data that you submit using POST or GET. So $_POST['request_num'] gets cleared. – Mihai M Oct 24 '19 at 15:21
  • You submit the form and process the data from the POST variables and after that using the header you redirect to the same file but without any input form data. So if you refresh after the redirect you only get what the header sends you and that's only a raw header. Hope this makes sense. – Mihai M Oct 25 '19 at 07:53
  • oh thanks, yes it does – David Oct 25 '19 at 12:49