如何防止在CakePHP中提交双重/重复的表单？ [英] How to prevent double / duplicate form submissions in CakePHP?

问题描述

我发现CakePHP中的安全组件通过向表单添加令牌作为隐藏值来帮助防止CSRF。

我想知道的是，如果有反

在以前的项目中，我使用了一个保存在会话中的唯一哈希，它在提交时被读取然后删除。

感谢

解决方案

@DoctorFox已经使用 csrfUseOnce = true 回答了它，但这会让你陷入黑洞，你仍然需要管理。所以对我来说完整的解决方案是：

 类YourAppController扩展AppController {
 
 public $ helpers = array （'Html'，'Form'）; 
 public $ components = array（'Security'）; 
 
 public function beforeFilter（）{
 $ this-> Security-> csrfUseOnce = true; 
 $ this-> Security-> blackHoleCallback ='blackhole'; 
} 
 
 public function blackhole（$ type）{
 $ this-> redirect（array（'action'=>'index'））; 
} 
  

如果没有重定向，您仍然可以提交双重表单。 / p>

参考文献： CakePHP安全组件

I discovered the Security Component in CakePHP helps to prevent CSRF by adding tokens as hidden values to forms.

What I was wondering is if there was anyway to prevent duplicate form submissions using this Component or some other component/helper?

In previous projects, I used a unique hash saved in a session, which is read then deleted upon submit. A repeated submit would have that same hash and an error would be produced.

thanks

解决方案

@DoctorFox has already answered it with csrfUseOnce = true, but this will throw you in blackholes that you still have to manage. So the complete solution for me is :

class YourAppController extends AppController {

    public $helpers = array('Html', 'Form');
    public $components = array('Security');

    public function beforeFilter() {
        $this->Security->csrfUseOnce = true;
        $this->Security->blackHoleCallback = 'blackhole';
    } 

    public function blackhole($type) {
        $this->redirect(array('action' => 'index'));
    }

If there is no redirection, you are still open for double form submission.

Ref : CakePHP security component

这篇关于如何防止在CakePHP中提交双重/重复的表单？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！