OK, A Simpler Question .

showman

What is the best method to use for keeping someone from backing up to a join form after completing it, to join a second time without having to go through the payment process first.?

I wanted to disable the back button, but from all I can find on the subject, it isn't possible, so there must be a way to work around it if anyone has any suggestions.

thank you
doug

Mordecai

I'm not sure what you're exactly trying. Try setting the cache settings to expire quickly. For more information, look at header().

showman

Thank you for your response, but I don't think that would be the best solution for this instance..

What it is that I am trying to correct is when a person joins as a member and pays the membership fee through paypal, they are then redirected to the join form, where they fill in their member information and select which product they want to receive..

That all works fine, but the problem is that after they do that, and get a thank you screen, they can hit the back button, and refresh the screen, and they are back at the join form, where they can join a second time and select a different product, and the script doesn't know the difference..

Hope that explains it... I just don't want them to be able to join more then one time for one payment.

thanks
doug

adamgeorge

Ahh... I know what you mean now. I replied to your other post, but only really just worked out what you mean now.

Ok so... like I said in the other thead, store the payment info in the database. Then when they join, check first to see whether they have completed the subscription for the payment they have just made. In most cases they of course wouldn't have, and you then simply update that information to include their new member info.

However if they have hit back on their browser to hit submit for a second time, they won't be able to join again, cause they have already completed the membership info for the payment they've just made.

Now, how you go implementing this is up to you. I would try to keep use of cookies and sessions and stuff to a minium, since you want this to be secure as possible if online payments are involved. Otherwise you're just asking for people to rip you or your customers off.

Maybe look into using SSL or other secure technologies...

k, cya man
- Adam 🙂

showman

Adam,

Thank you. What you are saying makes total sense..

I was just sitting here staring at the code while waiting to see if I got a response, and it hit me.. After they fill out the member form, I update information in the database transaction record, that is not placed there from anyplace else..

So all I have to do is check to see at the beginning of the script if that has been updated and if it has, then redirect them with a header to a different page...

I think that is the same thing that you just said, and I'm about to try that... If it doesn't work then I may be back for more clarification on your thoughts..

thanks again,
doug

showman

Adam,

You were right, and I'm proud to say that I came up with the
same answer (basically) as you and then your confirmation of
that answer promped me to try out some coding..

Thought I'd define it here for anyone that is interested in the answer.

Like I said, when they fill out the member join form, I update a
field in the transaction record, so this is all I ended up having to
do, at the top of the script, before anything else happens:

$query = "SELECT * FROM transaction_record
	WHERE transaction='$invoice' and username=''
	";
$result = safe_query($query);
if(!mysql_num_rows($result)){ 
// Checking for record that hasn't been updated so if I don't get a
// record that means NO empty record exists with that invoice number
// so either the invoice number doesn't exist, or they have
// already joined so record has values

header ("Location: http : // www . the_web_site . com");
}

Otherwise they just drop through and continue the process of joining..

PLUS, the bonus is that it solved another equally as irritating
problem... Now you can't even go directly to the join page and
join without paying, because the same code eliminates that from happening too..

I love it when a plan comes together...

Now if I can just get that session problem figured out, the site will be good to go..

thanks again for your help.

doug