|
PHP - Post Form Resubmits When Going Back In Browser History
Hello everyone,
I am having a problem since some time now and need some help. I have created a login page where the user has to input a username and password to login. The username will be put in a session and when the user logs out the session data and session itself gets destroyed. However when I go back in the browser history to the page where I logged in I get the "famous" resend information dialog that asks you to resend the information from the login form. Which means that all the post data gets resend and the user logs in again without having to put in a username and password. Here is my code: Login.tpl: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Snitch</title> <link rel="stylesheet" type="text/css" href="templates/css/snitch1440x900.css" /> </head> <body> <div id="login-achtergrond"> <div id="login"> <form action="." id="loginform" name="login" method="post"> <input type="hidden" name="actie" value="Login"></input> <input type="text" id="username" name="username" value="" style="opacity:0.7;filter:alpha(opacity=70)"></input> <input type="password" id="password" name="password" value="" style="opacity:0.7;filter:alpha(opacity=70)"></input> <input id="aanmelden" type="submit" name="submit" value="" style="opacity:0;filter:alpha(opacity=0)"> </form> </div> <div id="registreer"> </div> </div> </body> </html> Here is the code of my login page (I created this in a OOP way): Code: [Select] <?php class Handler_Login extends Actie_Handler { function __construct($actie_handle) { parent::construct($actie_handle); $this->actie = $actie_handle; } function secured_handler() { if ($this->session->check_session() == false) { $password = $_POST['password']; $username = $_POST['username']; $login = $this->dbh->Login($username, $password); if ($login == true) { $this->session->set('username', $username); $this->view->displayHome(); $this->view->display(); } else { echo "You are not logged in!"; } unset($_POST['password']); unset($_POST['username']); } if ($this->session->check_session() == true) { $this->view->displayHome(); $this->view->display(); } } } ?> Here is the code of my logout: Code: [Select] <?php class Handler_Loguit extends Actie_Handler { function __construct($actie_handle) { parent::construct($actie_handle); $this->actie = $actie_handle; } function secured_handler() { $this->session->stopSession(); $this->view->displayLogin(); $this->view->display(); } } ?> Here is the code of my session: Code: [Select] <?php class Session { function __construct() { if(!isset($_SESSION)) { session_start(); } } function set($name, $value) { $_SESSION[$name] = $value; } function get($name) { return $_SESSION[$name]; } function stopSession() { $_SESSION = array(); //even though I don't use any cookies someone told me that I had to remove the cookie of the session to completely destroy it? //please tell me if this is correct if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); } function session_message($naam) { return print_r($_SESSION[$naam]); } function check_session() { if(isset($_SESSION['username']) && !empty($_SESSION['username'])) { return true; } else { return false; } } } ?> this is the code of my view for those who might be interested: Code: [Select] <?php class view_manager { private $tpl; function __construct() { } function displayStatus() { $status = file_get_contents("templates/status.tpl"); $this->tpl = str_replace("%content%", $status, $this->tpl); } function displayLogin() { $this->tpl = file_get_contents("templates/login.tpl"); } function displayHome() { $this->tpl = file_get_contents("templates/home.tpl"); } function display() { echo $this->tpl; } } ?> using a header to redirect to the login page is not going to work since I use my view_manager to display the pages. Does anyone know of any solution to get rid of that stupid resend information dialog without using a header? I tryed unsetting the values of POST in my login code but that did not seem to work. Please help me out I've been looking for an answer for over 1 and a half week so far Is there anyone who knows how to remove the POST data from a form when the user goes back in browser history? If it's not possible, is there any solution except using a header? Similar Tutorials
I Need To Show Data After Pressing Browser's Back Button [accidentally Pressed Enter Instead Of Tab]
Dear fourm, i am wondering if anyone can shed some light on this form submission problem with back/forward buttons. long story short: i used to make a form, then submit to a form process php file. errors were difficult to deal with. Thus, many people tell me to submit to the same page. I now submit to the same page. my homepage has a login button. i use a csrf token in a hidden input matched with a session variable. i decided to submit to same page and handle the submit like so: if server request-method = post and isset input name and isset session token then check the token with hash_equals if everything matches then show the login page. i don't have a problem with the form and the form submission processing. everything i fine. now when i use the browser refresh button on the login page, i am sent back to the homepage. all is good. when i press the back button, i go back to the homepage again. super. then i press the forward button in the browser and i get a not connected error. the back button now also shows this error. i tinkered around a bit and added crazy ideas and it worked one time with unset($_POST) as an else to the if mentioned above. the idea is that if server request-method is post without an else. the page is listed below for any get request to process. i assume that the browser is trying to repost data is empty but my if statement should kick it out to the get code, right? what i want is to unset the csrf token and the matching session token for security purposes. i suppose that this breaks the back/forward buttons? how can i get the browser to show the homepage regardless of the post situation? there must be a logical answer. something in my code is breaking this an preventing the browser from simply loading the home page any help is greatly appreciated! Thank you. Please, take a look to the following code.After clicking Next it goes to overview.php.Why when I click back on my browser to return to this page again, it is not returning back? When I click back I receive "Confirm Form Resubmission" message. After refreshing page it loads page. I guess problem is in "session_start();" part. Something to do with cookies. Please, help me it is very urgent for me. <?php session_start(); echo "<html> <head> <title>Hello World</title> <meta http-equiv='Content-Type' content='text/html; charset=Windows-1252'/> </head>"; require_once ('functions.inc'); if(!isset($_POST['userid'])) { echo "<script type='text/javascript'>"; echo "window.location = 'index.php'"; echo "</script>"; exit; }else{ session_register("userid", "userpassword"); $username = auth_user($_POST['userid'], $_POST['userpassword']); if(!$username) { $PHP_SELF = $_SERVER['PHP_SELF']; session_unregister("userid"); session_unregister("userpassword"); echo "Authentication failed " . "Please, write correct username or password. " . "try again "; echo "<A HREF=\"index.php\">Login</A><BR>"; exit; } } function auth_user($userid, $userpassword){ global $default_dbname, $user_tablename; $user_tablename = 'user'; $link_id = db_connect($default_dbname); mysql_select_db("d12826", $link_id); $query = "SELECT username FROM $user_tablename WHERE username = '$userid' AND password = '$userpassword'"; $result = mysql_query($query) or die(mysql_error()); if(!mysql_num_rows($result)){ return 0; }else{ $query_data = mysql_fetch_row($result); return $query_data[0]; } } echo "hello"; echo "<form method='POST' name='myform' action='overview.php'>"; echo "<input type='submit' value='Next'>"; echo "</form>"; ?> hello guys, this is my first post on this forum and I really need your help on this. What I have is: I created a login page a home page and a index page. The index page checks if the session is set. If it's not the login page will be shown. If it is the homepage will be shown. Whenever the user logs in, the session gets set. The problem is is that whenever I login and the user presses the back button on his browser my session will always be returned false which means that whenever a user has logged in, the index page doesn't show home but shows the login page again even though the user has already logged in. Here is my code to make you understand a little bit better: session.php: Code: [Select] <?php class Session { function __construct() { } function set($name, $value) { $_SESSION[$name] = $value; } function get($name) { return $_SESSION[$name]; } function stopSession() { unset($_SESSION); session_destroy(); } function startSession() { if(!isset($_SESSION)) { session_start(); } } function check_session() { if(isset($_SESSION['username']) && !empty($_SESSION['username'])) { return true; } else { return false; } } } ?> login.php: Code: [Select] <?php class Handler_Login extends Action_Handler { function __construct($action_handle) { parent::construct($action_handle); $this->action = $action_handle; } function secured_handler() { $password = $_POST['password']; $username = $_POST['username']; $login = $this->dbh->Login($username, $password); if ($login == true) { $this->session->startSession(); $this->session->set('username', $username); $this->view->displayHome(); $this->view->display(); } else { //This is going to get more advanced later on, I'm currently working on resolving my session issue before I continue on this. echo "you are not logged in"; } } } ?> index.php: Code: [Select] <?php class Handler_home extends Action_Handler { public function __construct($action_handle) { parent::construct($action_handle); $this->action = $action_handle; } function secured_handler() { // for some reason this always returns false when the user goes back in history :( if ($this->session->check_session() == false) { $this->view->displayLogin(); $this->view->display(); } else { $this->view->displayHome(); $this->view->display(); } } } ?> anyone has an idea why the login page is always shown ? Hello guys, im new here , hope i meet great and friendly people here. Anyway, i need some help with a new Post back setup and hope anyone here could help me. This old script work but have problem to put in the new post back, here is it. Code: [Select] include("includes.php"); $subid = $_REQUEST['subid']; $survey = $_REQUEST['survey']; $earn = $_REQUEST['earn']; $pdtshow = $_REQUEST['pdtshow']; //$query_getuserid = mysql_query("SELECT id from members WHERE username= '".$subid."'") or die(mysql_error()); //foreach(mysql_fetch_array($query_getuserid) as $userid); $query_checkRef = mysql_query("SELECT referral_ID from members WHERE username= '".$subid."'") or die(mysql_error()); foreach(mysql_fetch_array($query_checkRef) as $ref_id_user); if ($ref_id_user>=1) { mysql_query("UPDATE members SET points=points+".$pdtshow." WHERE username='".$subid."'"); mysql_query("UPDATE members SET completed_surveys=completed_surveys+1 WHERE username ='".$subid."'"); mysql_query("UPDATE members SET points=points+".$refer_points." WHERE id ='".$ref_id_user."'"); mysql_close(); echo "Success: ".$subid." earned ".$pdtshow." points\n and is referred by".$ref_id_user; }else { mysql_query("UPDATE members SET points=points+".$pdtshow." WHERE username='".$subid."'"); mysql_query("UPDATE members SET completed_surveys=completed_surveys+1 WHERE username ='".$subid."'"); mysql_close(); echo "Success: ".$subid." earned ".$pdtshow." points\n and is referred by nobody"; } ?> Here is the new postback i should insert. Code: [Select] cvid ip name status sid And it should seem like this: http://example.com/postback.php?txid=1234&ip=123.123.123.123&name=Unlocker+#1&status=1&sid=abc Can anyone help me out ? Maybe insert it for me and send it over to me -Trizocy This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=349304.0 not sure if this will find an answer but I am posting anyway. Any help is appreciated....my coder has left the team and no matter how I invite her to come and do some bug squashing, her new schedules won't fit a re-visit into my little aplication...I am eager to delve into the codes at my very low knowledge of php. I have initiated reading and is still trying to teach myself...but of course not as fast as the app needs the patch...here's the meat: Hey Guys. I am working with a form that shows the grand total on the checkout page. The value of the grand total is inside a hidden field. When click on submit, the _POST array doesn't get back the last value of the grand total. I need to hit the button twice to get the last value. The weird thing is when I echo the value of the grand total it display the latest value, but not with the POST array
For example. If the grand total is $10.00 and I click on submit. It will show the POST['grand_total'] as empty. If I click on submit again it will show the grand total of $10.00.
Below is my code that I am working with. Any help would be really appreciated.
if(isset($_POST['submit'])) {
/* Doesn't show if i put it after if($_POST['submit'] */
if(isset($_POST['grand_total'])) {
echo $_POST['grand_total'];
}
}
//A bunch of other html/php code. Another class calculates the subtotal assigns it the variable $subtotal
$cart_totals = new cartTotals($subtotal, $discounted_amount,$post_values->tip); // Cart class is shown below
/* Doesn't show if i put it before if($_POST['submit'] */
if(isset($_POST['grand_total'])) {
echo $_POST['grand_total'];
}
echo "<input name='grand_total' type='hidden' value='$cart_totals->grand_total' />"; // Shows the grand total after second from submission
echo "$cart_totals->grand_total"; // Shows grand total after the first submission
Cart Totals Class
class cartTotals {
public $subtotal;
public $sales_tax;
public $tip;
public $grand_total;
public $discount_amount;
public $href_page;
public $invalidCouponMessage;
const TEST_ENVIORMENT = FALSE;
/**
* [ Function gets constructed in the order summary where the [$discount_amount= ""] arg does need to be passed.
* But does get passed in when called on the checkout.php page. Therefore we set the default value to an empty string.]
* @param [float] $subtotal [subtotal get passed in from the parent class coreCartFunction]
* @param string $discount_amount [The class checkCouponCode calculates this discount amount based on the
* subtotal and the discount amount. It gets instantiated on the clients side and passed is this construction function.
* This is all done on the checkout page.]
*/
/*The way the construct function works is by invoking all the methods the passed arguments
When the methods get invoked the do all the work and set the properties its values. The properties then get echoed out
on the client side. */
function __construct($subtotal="", $discount_amount= "", $tip=""){
$this->subTotal($subtotal, $discount_amount);//SubTotal method takes the discount amount and subtracts it from the subtotal.
$this->salesTax($subtotal, $discount_amount);
$this->tip = $tip;
$this->grandTotal();
}
private function subTotal($subtotal,$discount_amount) {
$rounded_subtotal = round($subtotal-$discount_amount,2);
$money_format_subtotal = money_format('%i',$rounded_subtotal);
$this->subtotal = $money_format_subtotal;
}
private function salesTax($subtotal, $discount_amount =""){
$sales_tax = (STORE_SALES_TAX)?(float)STORE_SALES_TAX:8.875;
$sales_tax =(($this->subtotal)*$sales_tax)/100;
$sales_tax = round($sales_tax,2);
$this->sales_tax = $sales_tax;
}
public function Tip() {
//global $post_values;
//$last_tip_selected = $post_values->tip > 0 ? $post_values->tip : "" ;
$tip_output = "<select id='tip' name='tip'>";
for($tip=0.00; $tip<=11.75; $tip+=0.25){
if( $tip == "2") {$selected = " selected";} else {$selected ="";}
$formatted_tip = money_format('%i',$tip);
$tip_output .= "<option {$selected} id='selected_tip' value='$formatted_tip'>"."$".$formatted_tip ."</option>".PHP_EOL;
}
$tip_output .= "</select>";
return $tip_output;
}
private function grandTotal(){
$grand_total = round($this->sales_tax+$this->subtotal+$this->tip,2);
$grand_total_formatted = money_format('%i',$grand_total);
$this->grand_total = $grand_total_formatted;
}
Hi, I'm trying to setup a quick PHP script that will grab the email from the url (see below) and after inserting into MySQL db - which is working fine - the script will complete two additional tasks: 1. send that same captured email out to a external db as in shown via http://domain1.com/insert.php?email=$lead (example), but then send to a DIFFERENT source - the originator of the lead - a portback acknowledgement using Header (sending the status and email to http://domain2.com/check.php?e=$lead&s=$status for their records). See the code below: ------------------------- Code: [Select] $lead = $_REQUEST['e_mail']; // will grab email from posted url string and assign to local variable $result = mysql_query($command); // this is just to execute the MySQL insert which works just fine but included here to explain validation below // Create API Call string to insert lead into iContact folder $requestURL = "http://domain1.com/insert.php?email=$lead"; // Execute API Call to CAKE $xml = simplexml_load_file($requestURL) or die("feed not loading"); if ($result) { $status = 1; // mark lead as sucess // send postback on lead status header("Location: http://domain2.com/check.php?e=$lead&s=$status"); } -------- Problem: I'm getting all sorts of errors with the simplexml_load_file() function and can't figure out why it won't work. Any input appreciated as this the only way I know how to pass the lead onward and then inform/update the other party of receipt of information. thanks! This topic has been moved to Ajax Help. http://www.phpfreaks.com/forums/index.php?topic=354724.0 Hi Having thought the PHP form was working OK, I took a break. Upon return, it's up to its old tricks. Could anyone glance over this code for blatant errors? It works when it wants and when it doesn't... Much appreciated <? $select=$_POST['select']; $name=$_POST['name']; $email=$_POST['email']; $confirmail=$_POST['confirmail']; $month=$_POST['month']; $day=$_POST['day']; $year=$_POST['year']; $leaving=$_POST['leaving']; $hour=$_POST['hour']; $minutes=$_POST['minutes']; $ampm=$_POST['ampm']; $going=$_POST['going']; $flightnumber=$_POST['flightnumber']; $pay=$_POST['pay']; $song=$_POST['song']; $comments=$_POST['comments']; $to="beepbeepyeah@kabeoke.com"; header('Location:http://www.kabeoke.com'); $message="Message Type: $select\n\nName: $name\n\nEmail: $email\n\n$confirmail\n\nDate of Journey: $month, $day, $year\n\nLeaving From: $leaving\n\nDeparture Time: $hour:$minutes $ampm\n\nGoing to: $going\n\nFlight Number: $flightnumber\n\nPayment Method: $pay\n\nSong Requests: $song\n\nComments: $comments"; if(mail($to,"Slap it - message from Kabeoke.com!",$message,"From: $email\n")) { } else { echo "There was a problem sending the mail. Please check that you filled in the form correctly."; } ?> Hello Everyone, I have created a form for a personal project that I am working on. I have some error checking and stuff in the form but what I would like to happen is when an error has occurred for the page to reopen the form with the error message. I know that this can be done with the header function. But how do I get the form to display the error. Here is the block of code that I am working with Code: [Select] if ($file_error > 0) { header ('Location: add_category.php'); echo "There was an error uploading file."; } else { if ($file_type != $image_array) { header ('Location: add_category.php'); echo "Invalid Image Type"; } if ($file_name == FALSE) { header ('Location: add_category.php'); echo "Please choose a image for your category"; } if ($file_size > 5000000) { header ('Location: add_category.php'); echo "File size is to large. Images must be smaller than 5MB."; } if (str_word_count($description) > 300) { header ('Location: add_category.php'); echo "<p>category description must be less than 300 words<br />You have '.str_word_count($description).' words</p>"; }This is the form code that I am working with Code: [Select] <div id="content"> <form id="add_cat_form" name="add_cat_form" action="do_category.php" method="post" enctype="multipart/form-data"> <fieldset> <legend><p>Add Category</p></legend> <p> <label for="cat_name">Category Name:</label> <input class="input_box" type="text" name="cat_name" id="cat_name" /> </p> <p> <label for="cat_image">Category Image:</label> <input class="file" type="file" name="cat_image" id="cat_image" /> </p> <p> <label for="cat_desc">Description:</label><br /><textarea class="cat_desc" name="cat_desc" id="cat_desc"></textarea><br /> <span id="word_count">300 words Max</span> </p> <input class="submit_button" type="submit" value="Add Category" /> </fieldset> </form> </div> On an HTML Form, I have several Text boxes called "base1, base2...base13" Another text box I have is called "base_quantity" In my PHP routine: This is part of my code: Code: [Select] $selected_base = $_POST['base1']; if ($selected_base == 'yes') { $base_value = $base_value + 1; $base_status = 'Yes'; } else if ($selected_base == 'no') { $base_value = $base_value - 1; $base_status = 'No'; }Later on in the PHP routine I want to pass back to the Form the value of $base_status and place it in the "base_quantity" text box. Something like this: base_quantity = $base_value. Can someone tell me how information is passed back to the FORM. Thank You, Sam Hello everyone. I am writing this order/feedback form using a php script.
Every time i hit submit, the html page (that has the form inside) just reloads and does not perform the script
could anyone give me some pointers in my code the form/php?
I have made sure they are linked verbatim
I am a nube so please forgive my inexperience
Here is the form in the html , down below it is the corresponding php code for the form
Hi am in processes of making a bespoke CMS for a project in uni am having a problem with my scrip basically i have three php files i have content which echos out the database tables i wish to edit with a link to an update_content page when u click on that it bring u too update_content.php which allows the user to modifier the content in the tables but when i hit update am getting a Parse error: syntax error, unexpected T_IF in line 4 of my update_ac file any help would be great cheers richie <?php require("includes/connection.php") // If form button has been pressed then do the following if(isset($_POST['update'])){ // Get id of post $id = $_GET['id']; $header = $_POST['header']; $content = $_POST['content']; // Update database table $query = "UPDATE pages SET header = '$header', content = '$content' WHERE id = '$id'"; $result = mysql_query($query); if ($result){ echo "Successfully edited entry"; } else { echo "There was error editing entry"; } } ?> Hi guys, i was wondering how can i make php to generate custom image with required fields (contact form). For example, i have a page with first name, last name, full address, email. And it's like this: First name: <input field here> Last name: <input field here> Full Address: <input field here> Email: <input field here> I would like to know how can i (once they fill all the info) generate an image with custom background (prepared full image previously) with all the filled info and have it emailed back to him. That email should be something like: Dear, FirstName, Here's your full info displayed on image below <img src="/path/to/thatImage.png"></img> Is this even possible? If so, please let me know how, i used to google a lot, but i can't find a solution, and i'm beginner in coding. Hope you guys will help me out, thanks a lot in advance! This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=347360.0 In my invoice system im trying to carry information from 1 page to another, witch i have been successful with, now I am trying to alter table rows on my data tables I need to send the same account number and invoice number, how can i achieve this without putting the account number and invoice number inside a form element? Ok so I've got trouble with a form I'm creating, I've got this: <form id="login" name="login" action="URL" method="post"> and then Input fields like: <input tabindex="3" type="text" class="login-field" name="acc.username" id="login-username" value="" maxlength="48"/> Now, if I go and submit that, and on the "URL" page I've had it echo $_POST['acc.username'] but it doesn't echo anything. I think it may be a problem with the form itself.. although I can't see one. The code I got for URL: <?PHP include('global.php'); if(isset($_POST['acc.username'])) { echo "lol"; } else { echo mysql_error(); } ?> |
|||||||