0

I am creating a project for my class that takes student attendance. I am using <input readonly type="date"> and <input readonly type="time"> to get date and time of attendance and using JavaScript to display current date and time on those input to prevent students from cheating their time.

How can I prevent my form from automatically submitting and inserting data to the database when the page is loaded first hand and/or when reloaded?

<?php

require_once './dba.php';

$status = "";

if(isset($_POST['submit'])) {
    $dt = $_POST['dt'];
    $time = $_POST['time'];

    $query = "INSERT INTO nameOfTable (date, time) VALUES ('$dt', '$time')";

    $d = $conn->prepare($query);

    $d->execute();     

} else {
    $status = "Failed!";
}


?>
s.alonzo
  • 93
  • 7
  • 2
    Could you share more information on the part that actually send the data to your server ? From only what we have in your question, it's quite difficult to know the context around it. Also, please note that the `readonly` attribute can easily be removed with the devtools. You should not rely on their value at all. – Nicolas Dec 21 '21 at 00:29
  • Shared my code to see where I'm at – s.alonzo Dec 21 '21 at 00:41

1 Answers1

0

When you submit the data to the backend you need to redirect the user back to the original page.

After the submit the user will be in the /create page and send the same data ever time he reloads. Therefor after you created the entry in the database you need to redirect the user back to for example '/' so he won't resubmit by accident. Readonly fields won't save you from cheating students ;)

<form action='/create.php'>
...
</form>

At the end of you php script.

// replace with the url of the original submit page.
header("Location: https://example.com/");
Vincent Menzel
  • 1,040
  • 1
  • 6
  • 17