Refresh form but do not resubmit (PHP)
This question has been asked so many times that most of you don’t want to hear it again. Unfortunately, the solutions that people are proposing are less than ideal.
For those who are new to the concept, a quick explanation is in order. You have a form that you display, validate and act upon (send e-mail, save to database, upload files, etc.) Once this is done, the user might refresh the page and you will end up with duplicate entries.
Bad ideas to handle it are: splitting into multiple files to work around this problem, using the meta-refresh tag, setting unique identifiers and store them in session or in hidden fields, checking for duplicates after resubmission, using javascript…
If you want to know why they are bad, just post a comment and I will give you a detailed explanation of the particular case.
I found a quick and neat way to do it (perhaps I’m not the first, but I feel the need to share it). Append “?submit=true” to your form action and use header(“Location: …”) with the current URL. Thus, once form data has been saved, you will be redirected to the same page without the POST variables. If PHP complains that output was already sent, then you have a bad approach for your output. I usually store all my output in a variable(s) and echo it when everything is okay. More on output in another entry.
Hi,
I was trying to deal with this matter but I gave up as I could not understand it properly.
The solution I have seen is related to the session. when you submit a form then you save the values in a session and then empty the values in the form so the page will not resend the values again when it is refreshed.
Now I am seeing in your blog that this solution would not be good enough.
I would appreciate if you may explain me this problem.
Thanks a lot,
Juan
Sorry for the late response.
The problem with storing your data in the session for every post is that it’s an extra operation that has no real value and can be easily avoided. Also, when you have multiple tabs open with the same form, you may get unexpected results. Last, there may be some data that you would never for the world want to store in a session, such as a password or a credit card number, because they will be unencrypted and in a vulnerable session file (unless your sessions are in DB, but you still have the encryption issue).
Redirection after the post data has been processed is a standard approach used by many renowned PHP frameworks that I have worked with since I posted this article.
Hi Anna have you got a code example you could share, am a newibe and not sure I can picture it right.
Thanks
I am using sessions too to avoid that.
i didnt get it
Great idea Anna. I’ve read in other places about using redirect, but not with the appending of that variable. To elaborate, here is one way you can do it.
In your form have it something like:
At the very top of your php page, before anything is outputted to the screen do something like:
$old_submit = $_GET['submit']; // this gets the submit variable you appended in your form
$current_url = ’samepage.php’
if ($old_submit == “true”) {
header(“Location: $current_url”);
$old_submit = “false”;
}
Let me know if you have any questions or better ways of doing it.
-Mehdi (letdev DOT com – launching december 17th, 2010)
Thank You Anna this is verry good(the best) solution
. Sessions are not good in this case. They can produce great pain. So:
…
I believe this is it. Great! I’ll try it now
I believe this is the code:
file 1 – with the submission form
form … action=”file2.php?submit=true>
…
file 2 – with the code that updates the database