Many of the most commonly used methods to prevent repeated submission in php are database restrictions, and of course, some can be restricted directly on the client. Specifically, what are the examples of preventing repeated submission in php?
The following situations will lead to repeated submission of forms:
Click the submit button twice.
Click the refresh button.
Use the browser's back button to repeat the previous operation, resulting in repeated submission of the form.
Submit the form repeatedly using browser history.
Repeated HTTP requests from the browser.
The webpage was maliciously refreshed.
Here are several solutions:
One: Click the js Settings button, it will be grayed out.
& ltform name=form 1 method=? Post? Action =? /? target = _ blank & gt
& ltp & gt
& lt input type =? Words? name=? T 1? Size =? 20? & gt
& lt input type =? Button? Value =? Submit? onclick=? JavaScript:{ this . disabled = true; document . form 1 . submit(); }? & gt
& lt/p & gt;
& lt/form & gt;
After clicking the button, it turns gray and cannot be clicked. If the user needs to submit the form again, he will refresh the page and fill in the data again before submitting.
Second: Use sessions.
Place a special flag in the session. When a form page is requested, a special string is generated, which is stored in the session and placed in the hidden field of the form. When accepting to process the form data, check whether the identification string exists, delete it from the session immediately, and then process the data normally.
If it is found that there is no valid one. The flag string in the form submission indicates that the form has been submitted, and this submission is ignored.
This provides more advanced XSRF protection for your web application.
When the submitted page is loaded, a random number is generated.
$code = mt_rand(0, 1000000);
Stored in the hidden input box of the form:
& lt input type =? Hide? name=? Code? Value =? & gt
The PHP code on the receiving page is as follows:
& lt? Server-side programming language (abbreviation of professional hypertext preprocessor)
session_start()。
if(isset($_POST[? Code? ])) {
if($_POST[? Code? ] == $_SESSION[? Code? ]){
//Submit the form repeatedly.
} Otherwise {
$_SESSION[? Code? ] =$_POST[? Code? ]; //store code
}
}? & gt
Third: Use cookies.
The principle is similar to session, but cookie once cookies are disabled in the user's browser, this function becomes invalid.
if(isset($_POST[? Submit? ])){
setcookie(? tempcookie? ,? , time ()+30);
Title (? Location:? . $ _ SERVER[PHP _ SELF]); exit();
}
if(isset($_COOKIE[? tempcookie? ])){
setcookie(? tempcookie? ,? ,0); Echo? You have submitted the form? ;
}
Fourth, use the header function to jump.
Once the user clicks the submit button, he will jump to other pages after processing the data.
if (isset($_POST[? Submit? ])) {
Title (? Location: success.php? ); //After processing the data, go to other pages.
}
Five: Add constraints by using the database.
It is the most direct and effective method to directly add a unique constraint or create a unique index in the database, throw out a warning or prompt once the user submits it repeatedly, or only process the data submitted for the first time, which requires comprehensive consideration of the database design and architecture in the early stage.
Six: Publish/Redirect/Get Mode
Perform page redirection after submission, which is the so-called Post-Redirect-Get (PRG) mode. In short, when the user submits the form, you perform client redirection and go to the submission success page.
if (isset($_POST[? Action? ])& amp; & amp$_POST[? Action? ] == ? Submitted? ) {
//Process data, such as going to other pages immediately after inserting data.
Title (? Location: Submits _ success.php? );
}
This can avoid the repeated submission caused by the user pressing F5, and will not give the warning of repeated submission of browser forms, and can also eliminate the same problem caused by pressing the browser back and forth.
;