| Author |
Message |
|
Twopea
#1 / 9
|
 vars passing through URL Hello I'm using PHP Version 4.0.6 (so I haven't learned the superglobals thing
yet) (will my scripts work on that version, if I use the new superglobals?)
Everytime I make a form or something like this, it passes all the vars
through the url
so when I'm making a normal e-mail from, I will see emailadresses in the url
and other vars!
This is very annoying, because if I have something I submit to the page
itself, and press reload, it gets added again!
any workaround?
Thanks!
|
| Sun, 24 Apr 2005 01:38:54 GMT |
|
 |
|
stephan bea
#2 / 9
|
vars passing through URL Quote:
> Hello > I'm using PHP Version 4.0.6 (so I haven't learned the superglobals thing
> yet) (will my scripts work on that version, if I use the new
> superglobals?
Many of the superglobals are only available in PHP 4.1 and higher. Some are available in 4.0.x, though. Quote: > This is very annoying, because if I have something I submit to the page
> itself, and press reload, it gets added again!
Try using POST instead of GET? --
----- stephan beal
Registered Linux User #71917 http://counter.li.org
I speak for myself, not my employer. Contents may
be hot. Slippery when wet. Reading disclaimers makes
you go blind. Writing them is worse. You have been Warned.
|
| Sun, 24 Apr 2005 01:43:45 GMT |
|
|
|
Justin Koivist
#3 / 9
|
vars passing through URL Quote:
> >Hello
> >I'm using PHP Version 4.0.6 (so I haven't learned the superglobals thing
> >yet) (will my scripts work on that version, if I use the new
> >superglobals?
> Many of the superglobals are only available in PHP 4.1 and higher.
> Some are
> available in 4.0.x, though.
> >This is very annoying, because if I have something I submit to the page
> >itself, and press reload, it gets added again!
> Try using POST instead of GET?
Depending on the browser, it may prompt you to re-post the information as well. In that case, the same thing will happen only you won't see the information. --
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.
|
| Sun, 24 Apr 2005 01:48:58 GMT |
|
|
|
Twopea
#4 / 9
|
vars passing through URL this worked very well against the vars in the url! thanks! but that still leaves me with another problem. I thought both had the same
reason
when I submit a page, and then press reload, it will re-submit.
any ways to prevent this?
Thaks
Quote:
> > Hello
> > I'm using PHP Version 4.0.6 (so I haven't learned the superglobals thing
> > yet) (will my scripts work on that version, if I use the new
> > superglobals?
> Many of the superglobals are only available in PHP 4.1 and higher. Some
are
> available in 4.0.x, though.
> > This is very annoying, because if I have something I submit to the page
> > itself, and press reload, it gets added again!
> Try using POST instead of GET?
> --
> ----- stephan beal
> Registered Linux User #71917 http://counter.li.org
> I speak for myself, not my employer. Contents may
> be hot. Slippery when wet. Reading disclaimers makes
> you go blind. Writing them is worse. You have been Warned.
|
| Sun, 24 Apr 2005 02:44:15 GMT |
|
|
|
stephan bea
#5 / 9
|
vars passing through URL Quote:
> this worked very well against the vars in the url! > thanks! > but that still leaves me with another problem. I thought both had the same
> reason
> when I submit a page, and then press reload, it will re-submit.
> any ways to prevent this?
By pressing Cancel when your browser warns you about posting the data a second time. That's the only practical way, unfortunately. --
----- stephan beal
Registered Linux User #71917 http://counter.li.org
I speak for myself, not my employer. Contents may
be hot. Slippery when wet. Reading disclaimers makes
you go blind. Writing them is worse. You have been Warned.
|
| Sun, 24 Apr 2005 18:40:08 GMT |
|
|
|
Jochen Dau
#6 / 9
|
vars passing through URL Hi Twopeak!
(...)
Quote: >this worked very well against the vars in the url! >thanks! >but that still leaves me with another problem. I thought both had the same
>reason
>when I submit a page, and then press reload, it will re-submit.
>any ways to prevent this?
Try header() after working with the POST-vars. HTH, Jochen
|
| Mon, 25 Apr 2005 04:04:04 GMT |
|
|
|
Theo Spear
#7 / 9
|
vars passing through URL Quote:
> this worked very well against the vars in the url! thanks! > but that still leaves me with another problem. I thought both had the same
> reason
> when I submit a page, and then press reload, it will re-submit. any ways
> to prevent this?
This can be overcome, but it adds quite a lot of overhead and complexity to the script. To give a rough overview of the process - Keep a list of requests you have served
- When the form is submitted collect together all the form variables
- Combine them in some way into a single value that can be stored in a db
(perhaps add them all to an array and serialize() it)
- Delete all entries in your list of served requests older than a certain
date (to prevent it getting too big)
- Check to see if the calculated value is already in your list of served
requests
- If so display a message and do nothing
- If not add this value and a timestamp to your list of served requests
- Then process the form
You may well decide it is not worth the effort to implement this.
hth
Theo Spears
|
| Mon, 25 Apr 2005 06:49:29 GMT |
|
|
|
stephan bea
#8 / 9
|
vars passing through URL Quote:
> - Keep a list of requests you have served > - When the form is submitted collect together all the form variables > - Combine them in some way into a single value that can be stored in a db > (perhaps add them all to an array and serialize() it) > - Delete all entries in your list of served requests older than a certain > date (to prevent it getting too big) > - Check to see if the calculated value is already in your list of served > requests > - If so display a message and do nothing > - If not add this value and a timestamp to your list of served requests > - Then process the form > You may well decide it is not worth the effort to implement this.
Whew. Many sites get around this by simply doing the following: echo "PLEASE, FOR THE LOVE OF PETE, DO NOT USE YOUR BROWSER BACK BUTTON!!!";
--
----- stephan beal
Registered Linux User #71917 http://counter.li.org
I speak for myself, not my employer. Contents may
be hot. Slippery when wet. Reading disclaimers makes
you go blind. Writing them is worse. You have been Warned.
|
| Tue, 26 Apr 2005 00:52:37 GMT |
|
|
|
Twopea
#9 / 9
|
vars passing through URL it's the reload button anyway, I did use the long method to control for double postings, because it
wasn't allowed to double post anyway!
So it does double work now :)
Stopping users send 10 times the same message
Stopping users who press reload (or perhaps back)
Thanks!
B.
Quote:
> > - Keep a list of requests you have served > > - When the form is submitted collect together all the form variables > > - Combine them in some way into a single value that can be stored in a db > > (perhaps add them all to an array and serialize() it) > > - Delete all entries in your list of served requests older than a certain > > date (to prevent it getting too big) > > - Check to see if the calculated value is already in your list of served > > requests > > - If so display a message and do nothing > > - If not add this value and a timestamp to your list of served requests > > - Then process the form > > You may well decide it is not worth the effort to implement this.
> Whew. Many sites get around this by simply doing the following:
> echo "PLEASE, FOR THE LOVE OF PETE, DO NOT USE YOUR BROWSER BACK
BUTTON!!!";
> --
> ----- stephan beal
> Registered Linux User #71917 http://counter.li.org
> I speak for myself, not my employer. Contents may
> be hot. Slippery when wet. Reading disclaimers makes
> you go blind. Writing them is worse. You have been Warned.
|
| Wed, 27 Apr 2005 01:23:57 GMT |
|
| |
