如何在刷新页面或单击后退按钮时阻止表单重新提交

时间:2017-07-09 00:38:03

标签: php jquery forms

在我的表单上,我允许用户将文件上传到数据库,然后将其发送到另一个页面,即submission_successful.php,上面写着“谢谢你提交”。但我注意到,当我点击提交成功的php文件的后退按钮,它返回到表单,相同的信息在那里,并允许另一个提交。我想要做的是在按回按钮时删除代码,或清除用户输入的所有内容。我找到了几个答案,比如使用缓存控制但是,有些是模糊的,有些则不适合我。此外,我不希望用户在成功页面上返回上传页面。这就是为什么我会为“注销”或“返回上传页面”创建2个按钮,如果他们回击按钮,它将崩溃。我想显示Confirm Form Resubmission页面。在其他帖子中,他们试图实际阻止“确认表格重新提交”,但我希望有安全性。这是我的代码

developerUpload.php

<?php

session_start();

if(array_key_exists("invalid", $_GET)){

    echo '<br><h3 style="color:red;">File(s) were already submitted! Please re-name file or select a different file...</h3>';
}

if(isset($_COOKIE['username'])){

    if($_SERVER['REQUEST_METHOD'] =="POST"){

        $price = addslashes(trim($_POST['price']));
        $description = addslashes(trim($_POST['description']));

        if(!empty($price) && !empty($description)){

            $userid = $_SESSION['id'];
            $username = $_SESSION['username'];
            echo '<br>'.$userid;
            $pack_id = rand();

            //Check file 1
            if($_FILES['file1']['error'] !== UPLOAD_ERR_OK){

                    $file1 = null;
            }else{

                $target1 = "devFiles/";
                $target_file1 = addslashes(trim($target1 . basename($_FILES["file1"]["name"])));
                $file1 = addslashes(trim($_FILES['file1']['tmp_name']));

            }

            //Check file 2
            if($_FILES['file2']['error'] !== UPLOAD_ERR_OK){

                    $file2 = null;
            }else{

                $target2 = "devFiles/";
                $target_file2 = addslashes(trim($target2 . basename($_FILES["file2"]["name"])));
                $file2 = addslashes(trim($_FILES['file2']['tmp_name']));

            }

            //Check file 3
            if($_FILES['file3']['error'] !== UPLOAD_ERR_OK){

                    $file3 = null;
            }else{

                $target3 = "devFiles/";
                $target_file3 = addslashes(trim($target3 . basename($_FILES["file3"]["name"])));
                $file3 = addslashes(trim($_FILES['file3']['tmp_name']));

            }

            //Check file 4
            if($_FILES['file4']['error'] !== UPLOAD_ERR_OK){

                    $file4 = null;
            }else{

                $target4 = "devFiles/";
                $target_file4 = addslashes(trim($target4 . basename($_FILES["file4"]["name"])));
                $file4 = addslashes(trim($_FILES['file4']['tmp_name']));

            }

            //Check file 5
            if($_FILES['file5']['error'] !== UPLOAD_ERR_OK){

                    $file5 = null;
            }else{

                $target5 = "devFiles/";
                $target_file5 = addslashes(trim($target5 . basename($_FILES["file5"]["name"])));
                $file5 = addslashes(trim($_FILES['file5']['tmp_name']));

            }

            //Check video
            if($_FILES['video']['error'] !== UPLOAD_ERR_OK){

                $video = null;
                $videoName = null;
            }else{

                $target = "devFiles/";
                $target_file = addslashes(trim($target . basename($_FILES["video"]["name"])));
                $video = addslashes(trim($_FILES['video']['tmp_name']));
                $videoName = addslashes(trim($_FILES['video']['name']));

            }

            if(file_exists($target_file1) 
               or file_exists($target_file2) 
               or file_exists($target_file3)
               or file_exists($target_file4) 
               or file_exists($target_file5) 
               or file_exists($target_file)){

                header("Location: developerUpload.php?invalid");
                exit;

            }

            if(move_uploaded_file($_FILES["file1"]["tmp_name"], $target_file1) 
               && move_uploaded_file($_FILES["file2"]["tmp_name"], $target_file2)
               && move_uploaded_file($_FILES["file3"]["tmp_name"], $target_file3)
               && move_uploaded_file($_FILES["file4"]["tmp_name"], $target_file4)
               && move_uploaded_file($_FILES["file5"]["tmp_name"], $target_file5)
               && move_uploaded_file($_FILES["video"]["tmp_name"], $target_file)){

                try{

                    // new php data object 
                    $handler = new PDO('mysql:host=127.0.0.1;dbname=magicsever', 'root', '');
                    //ATTR_ERRMODE set to exception
                    $handler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

                }catch(PDOException $e){
                    die("There was an error connecting to the database");   

                }

                header("Location: submission_successful.php?");
                die();
            }



        }else{

            echo '<br><h1 style="color:red;">VALUES MISSING!</h1>';

        }
    }
}else {

    header("Location: developerLogin.php");
}



?>

submission_successful.php

<?php
session_start();

    if(array_key_exists("invalid", $_GET)){

        header("Location: developerUpload.php?invalid");

    }
    if(isset($_COOKIE['username'])){
        echo '<br><h1 style="color:red; text_align:center;">Thank You for Submitting!</h1>';

    }else{

        header("Location: developerLogin.php");
    }

?>

3 个答案:

答案 0 :(得分:3)

我在寻找好几天,终于找到了一些东西。如果您使用HTML命令,它将删除用户返回时用户输入的任何输入。因为我的问题是当用户在重定向后返回时,他们的信息仍然存在但是如果你使用

<form method="post" enctype="multipart/form-data" autocomplete="off">

它删除了所有内容,因此它有点帮助。仍然允许用户返回,但至少现在他们无法重新提交数据。

答案 1 :(得分:2)

不确定您是否可以检查数据库中是否存在两次值(从而阻止多次提交),但您可以阻止用户过于频繁地提交表单。创建一个在第一次提交时保存的时间戳,如果第二次重新提交的时间戳与第一次提交的时间戳不是太大(大),你可以尝试(你提交得太频繁),或者你可以使用ajax或者https://es.m.wikipedia.org/wiki/Post/Redirect/Get

答案 2 :(得分:0)

使用像这样的会话变量

$_SESSION["post_id"] = "";
if($_POST) {
    if($_POST["post_id"] != $_SESSION["post_id"]) {
        $_SESSION["post_id"] = $_POST["post_id"];
        // do database submission here
    }
}

这会设置会话变量,如果他们重新提交表单,则不会发布两次数据。