» » Use PHP to prevent duplicate submiting form

 

Use PHP to prevent duplicate submiting form

Author: bamboo06 on 23-06-2016, 00:26, views: 3106

5
We submit the form, a limit can not be ignored is to prevent users who repeatedly submit the form, because there may be a user continuously hits the submit button or a malicious attacker to submit the data, then we submit the data after processing, such as modifying or adding data to the database when they will get into trouble.


So how do you avoid duplicate submission form this phenomenon happen? We can see from many aspects, first from the front end to make restrictions. In the front-end javascript is disabled after a button is clicked, the disabled, this simple method of preventing multiple clicks the submit button, but the disadvantage is that if the user has disabled javascript script is invalid. Second, we can do after submitting the redirect page redirection, that is submitted after the jump to a new page, the main F5 avoid duplicate submissions, but there are drawbacks. Thirdly, it is made unique database index constraint. Fourth, it is to do the session token authentication.

We now come to study the simple use of token session to prevent the form of repeated submission method.

We in the form with an input hidden field, type = "hidden", its value is value used to hold the token value. When a page refresh the token value will change, after the submission of the judgment the token value is correct, if submitted to the front of the token and the background do not match is considered is repeated submission.
<?php 
/* 
* prevent form submiting repeatly
*/ 
session_start(); 
header("Content-Type: text/html;charset=utf-8"); 
function set_token() { 
    $_SESSION['token'] = md5(microtime(true)); 
} 
 
function valid_token() { 
    $return = $_REQUEST['token'] === $_SESSION['token'] ? true : false; 
    set_token(); 
    return $return; 
} 
 
//if token is null, gen a new token 
if(!isset($_SESSION['token']) || $_SESSION['token']=='') { 
    set_token(); 
} 
 
if(isset($_POST['web'])){ 
    if(!valid_token()){ 
        echo "token error, repeating submit!"; 
    }else{ 
        echo 'Submit success, Value:'.$_POST['web']; 
    } 
}else{ 
?> 
    <form method="post" action="">   
        <input type="hidden" name="token" value="<?php echo $_SESSION['token']?>">   
        <input type="text" class="input" name="web" value="www.goocode.net">   
        <input type="submit" class="btn" value="Submit" />   
    </form> 
<?php     
} 
?> 


Above is a simple example of a simple form to prevent duplication, for reference only. So the actual project development, the form token to do more complex processing, that we say token verification. Likely to do: verify the source domain, namely the antecedents, whether external submit; matching the action to be performed is to add, modify or delete; the next most important is building a token, the token can be using reversible encryption algorithm, as far as possible complex, because the plaintext or unsafe. Token verification of the specific algorithm can refer to the major PHP framework, such as ThinkPHP provides a good token authentication function.

Tags: php, submit, form

Category: PHP Scripts

Dear visitor, you are browsing our website as Guest.
We strongly recommend you to register and login to view hidden contents.
<
  • 0 Comments
  • 0 Articles
11 October 2017 23:43

Cory Robertson

Reply
  • Group: Guests
  • РRegistered date: --
  • Status:
 
Phew, I will finally be able to prevent a duplicate submitting form on my new website. I better sign ukbesteessays soon so I can get enough time to update. I don't think it'd take long.

<
  • 0 Comments
  • 0 Articles
14 December 2017 01:05

UKEssayPapers

Reply
  • Group: Guests
  • РRegistered date: --
  • Status:
 
I loved the post, keep posting interesting posts. I will be a regular reader...
<a href="http://www.ukessaypapers.co.uk/nursing-essay-help">Nursing Essays</a>

<
  • 0 Comments
  • 0 Articles
20 December 2017 03:49

Karen E. Mincey

Reply
  • Group: Guests
  • РRegistered date: --
  • Status:
 
Controller view model become popular for all the web applicaitons nowadays.I even use it at my http://britishessays.net/ site. Thanks for a good explanation.

<
  • 0 Comments
  • 0 Articles
25 December 2017 07:11

Kesia

Reply
  • Group: Guests
  • РRegistered date: --
  • Status:
 
Believe me or not, i am not good at writing scripts for development but i have gaming passion and hopefully some articles on paperbagkits.com would help you a lot because writing is an art and it needs lot of time for modification and improvement.

<
  • 0 Comments
  • 0 Articles
21 February 2018 22:07

Anna Julia

Reply
  • Group: Guests
  • РRegistered date: --
  • Status:
 
Phew, I will at long last have the capacity to keep a copy submitting structure on my new site. I better sign dissertation help soon so I can get enough time to refresh. I don't think it'd take long.

Information
Comment on the news site is possible only within (days) days from the date of publication.