How to stop form resubmitting data on refresh?

ElectricRain

Im just using a simple form with

if(isset($submit)) { do stuff }

to send internal messages around my site, and have discovered that if some genius hits the refresh button, it resends the message. Does anyone know how I make it err.. not do?

Roger_Ramjet

Could be done with php sessions, amongst other thing. Simply record last url requested and check that before sending messages, if it's a reload then the urls will match so drop post vars and no message.

Could also track the messages sent the same way, simply add a line to store a session var into the if(isset($submit)) { do stuff } routine. Then test for it each time.

ElectricRain

but i do want people to be able to send more than one message, i mean, wouldnt doing it with sessions stop them from sending more than one message in the same session.. err.. without closing the browser n starting over i mean?

Roger_Ramjet

We're probably speaking about 2 diffferent things here.

I understood it to be script to script messages that were being sent.

Still, I did mean that you store something to uniquely identify each message so that you could stop repeats while still allowing new messages. Just save some of the post data and compare against all new post data.

ElectricRain

Hmm. its internal mail.. like uhh, I'll show you a simplified down version of the code

//form goes here.
if(isset($submit)) { 
//If the submit button was pressed do:
//check if user exists (erased to simplify code)
// set up & check basic ftp connection (erased)

//if the to users mail folder doesnt exist create it now
if (!file_exists("users/$touserfolder/$tousername/mail")) {
	mkdir("$home_dir/users/$touserfolder/$tousername/mail");
	chmod("$home_dir/users/$touserfolder/$tousername/mail", 0777); }

    //check message field isnt empty
    $message = $_POST['message'];
    if ($message == "") { echo ("could not send mail because message field was empty");
exit; }
    if ($message != "") { 
//generate a random number
$random_number = rand(100000, 999999);
$extension = ".txt";
//add it to the mails filename
$mailname = $random_number.$to.$extension;

             $fp = fopen("$home_dir/users/$touserfolder/$tousername/mail/$mailname", "w") or die ("could not send mail because message could not be created");
chmod("$home_dir/users/$touserfolder/$tousername/mail/$mailname", 0666);

           // write the data to the file
fwrite($fp, $message) or die ("could not send message"); 

//now add the data to the database
$date = gmdate("Y-m-d");
$insert = "INSERT into mail VALUES ('NULL', '$to', '$mysite_username', '$date', '0', '$subject', '$mailname')";
$insert_result = mysql_query($insert) or die(mysql_error()); 
}
// close the connection
           ftp_close($conn_id);
}
}

Ok now this works but problem is if someone refreshes the page, the form thinks its trying to resend the data and you get the same message two or three or fifty million times depending on how inpatient our adorable little refresher is. I need for it not to do that. I cant really check for messages with the same name, as Im using a random number as part of the name in order to give each mail message a unique identifier. The only other way I could think of is by inserting the data into the database FIRST and using the id as the unique identifier but if i do that, and a mistake occurs between entering message into the database, and writing the text file with the message on, the sender will recieve a message that contains a error because my inbox works on retrieving rows from the database. Is there a neater way to do this that Ive not thought of, where I can still write the text file FIRST?

Roger_Ramjet

You can not stop the browser from resending form data when someone refreshes a page, so you have to stop your script from processing it more than once.

Generate your random number when you send the page and store it in a hidden field on the form. When user submits form, save it in session var. If user refreshes form then same number will be in it, check against session var and you will trap duplicate from refresh.

_theworks

You could doing somthing like once you submit the form ->its does specific task -> then redirects to the original location ?

ElectricRain

session vars? uhh.. slightly confused you mean like stick it up in the address bar n check future submissions against that? im not really good with sessions stuff :$ havent used them much.

_theworks

could u try make it so wen the user submits the form it sends the message and whatever else and then redirects them back the the original page?

ElectricRain

_theworks wrote:
could u try make it so wen the user submits the form and sends the message and whatever else then redirect them back the the original page?

Yah I will be redirecting them after, but you know how ppl are. if something doesnt load at once its refresh refresh REFRESH lol.. n that will resend the message, which is something i really wanna avoid.. its just not very.. err.. tidy. 🙁

_theworks

ok this is prolly WAY OFF but cant you use javascript to change a input element's status to disabled? so you could do some js like onclick="disable_submit_button()"?
so once they click it it beomes disabled
(i dont know much javascript)

_theworks

consider this example

<html>
<head>

<script type="text/javascript">
function disablebutton()
{
document.form1.but.disabled=true;
}
</script>

</head>
<body>

<form name="form1">
<input type="button" onclick="disablebutton()" value="Click me" name="but">
</form>

</body>
</html>

rikmoncur

I haven't tried it, but would this work? :

page loads, form is blanked.
code checks to prevent blank form submission.
client fills in form, submits, mail is processed on same page.
page reloads with blank form and success message.

ElectricRain

rikmoncur wrote:
I haven't tried it, but would this work? :

page loads, form is blanked.

code checks to prevent blank form submission.

client fills in form, submits, mail is processed on same page.

page reloads with blank form and success message.

Yes thats pretty much what I have. Problem appears when page takes a moment to load up. Or when people hit submit more than once. Im basically going for a moron proof system. I want it not to be possible to resend form data.

ElectricRain

_theworks wrote:

consider this example

<html>
<head>

<script type="text/javascript">
function disablebutton()
{
document.form1.but.disabled=true;
}
</script>

</head>
<body>

<form name="form1">
<input type="button" onclick="disablebutton()" value="Click me" name="but">
</form>

</body>
</html>

That could actually work, I'll give it a go, thanks.

Robban

Or..

<?php
if ($_POST[]) {
# Insert stuff to database or do whatever you like...
header("Location: samepage.php");
exit();
}

?>

So you would redirect without any post... And they can reload / refresh the page without resubmitting.

satria

i agree with Robban ... the rule is put the processing code not in the same file of form. Then redirect to the form page again after process is done.

[html form] ----> 'submit' ----> [process page] ----> if true redirect to [html form] or other pages

😉

_theworks

I think both of you have missed the point as i did wen i first saw this post.

the problem is once you push the submit button it may take a few seconds for the next page to load so within that few seconds some d*ckwad of a user might decide clicking the submit button 20 times will speed up the proccess... this normaly causes error in your scripts.