Laravel 4:防止表单重新提交 [英] Laravel 4: Prevent form re-submissions
问题描述
我已经经历了这个问题,但是答案张贴了他们不能解决我的问题.
I have gone through this question, but the answer posted their doesn't solve my problem.
发生的问题是,如果用户单击浏览器的后退按钮以返回到提交的表单,则输入的数据将保持不变,并且用户可以重新提交"该表单. 如何防止这种行为(laravel的方式)?
The problem that occurs is that if the user hits the back button of the browser to return to the submitted form, the entered data persists and the user is able to "re-submit" the form. How can I prevent this behaviour (laravel's way)?
我的route.php看起来像
my route.php looks like
Route::group(array('after' => 'no-cache'), function()
{
Route::get('/', 'HomeController@index');
Route::ANY('/search','HomeController@search');
Route::get('user/login',array('as'=>'user.login','uses'=>'UserController@getLogin'));
Route::post('user/login',array('as'=>'user.login.post','uses'=>'UserController@postLogin'));
Route::get('user/logout',array('as'=>'user.logout','uses'=>'UserController@getLogout'));
Route::post('user/update/{id}',array('as'=>'user.update','uses'=>'UserController@userUpdate'));
Route::group(array('before' => 'auth'), function()
{
Route::get('user/profile',array('as'=>'user.profile','uses'=>'UserController@getUserRequest'));
Route::get('order/checkout','OrderController@checkout');
Route::get('order/status',array('as'=>'order.status','uses'=>'OrderController@orderStatus'));
Route::group(array('before' => 'csrf'), function()
{
Route::post('order/process','OrderController@process');
});
});
});
filter.php
filter.php
Route::filter('csrf', function()
{
if (Session::token() != Input::get('_token'))
{
throw new Illuminate\Session\TokenMismatchException;
}
});
Route::filter('no-cache',function($route, $request, $response){
header("Cache-Control: no-cache,no-store, must-revalidate"); //HTTP 1.1
header("Pragma: no-cache"); //HTTP 1.0
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
});
控制器代码
public function process(){
//data is saved to database
Session::put('_token', md5(microtime()));
return Redirect::route('order.status');
}
public function orderStatus(){
return View::make('orderStatus')->with('message','done');
}
推荐答案
班次交换:
确定您的浏览器在按下时没有刷新"页面吗? 后退"-因为不缓存"?试试这个:载入表格,查看 来源,请查看@隐藏的令牌代码.然后提交表格,按 返回,然后@查看隐藏的令牌代码-相同吗?
Are you sure your browser is not 'refreshing' the page when it presses 'back' - because of 'no-cache'? Try this: load the form, view the source, look @ the hidden token code. Then submit the form, press back, and @ look at the hidden token code - are they the same?
尝试做自己的Rahu:
Trying Tobemyself Rahu:
不,他们不一样
no they aren't the same
那就是你的答案!当您按返回"时,浏览器正在刷新"页面!
Then that is your answer! Your browser is 'refreshing' the page when you are pressing 'back'!
因此,您的代码对于大多数浏览器均有效",但是无论您使用哪种浏览器,都会自动刷新背面"上的页面-因此,令牌将重新填充到表单上.就像用户正在重新访问"表单一样,因此您几乎无能为力.它将适用于大多数浏览器...
So your code 'works' for most browsers - but whichever browser you are using is automatically refreshing the page on the 'back' - thus your token is being repopulated on the form. It is as is the user is 'revisiting' the form - so there is little you can do to stop this. It will work for most browsers...
或者您可以关闭表单的不缓存"-或将其设置为5分钟左右-这样浏览器就不会刷新页面.
Or you can turn off the 'no-cache' for the form - or set it to like 5mins or something - so the browser will not refresh the page.
也许有一个表单"缓存过滤器-5分钟,而其他所有站点的过滤器-0,则类似"Laravel优雅":)
Maybe have a 'form' cache filter - which is 5mins and a filter for all the other site - which is 0, something like that would be 'Laravel elegant' :)
这篇关于Laravel 4:防止表单重新提交的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
