防止用户使用后退按钮并发出警告或禁用任何插入 [英] Prevent user to use back button with warning or disable any insert
问题描述
我在 page1.php 中有一个表单,它指向 page2.php ,表单中的数据在 page1.php 中插入数据库。插入成功后, page2.php 会显示一条消息,并提供转到第三页的链接。
问题是当插入后的用户点击浏览器的后退按钮并单击表单提交按钮时,再次插入。
有什么办法可以在一次插入后当后退按钮被按下时,将显示一条消息,表明不允许访问后退按钮?或者如果允许,点击表单提交按钮不会进行插入?
编辑后添加此零件:
问题是,虽然管理员在page2.php和命中后退按钮,他会返回到page1.php,如果他点击表单提交按钮,则数据将被第二次插入到新行中。
u可能会建议在'INSERT'命令中使用'IGNORE',但行中有其他列可能无法与其他列匹配,而描述列(管理员插入此列的文本数据)可能会匹配。
1)在这种情况下忽略适用吗?
2)如果重复条目是允许该网站的数据库?
谢谢 p
希望它能使整个事情变得清晰。
POST / Redirect / GET :
这里是一个简洁的例子:
<?php
if($ _SERVER ['REQUEST_METHOD'] =='POST '){
$ err = array();
//执行所有验证并产生相应的错误
if(empty($ _ POST ['name']))$ err [] =用户名字段是必需的;
if(empty($ _ POST ['text']))$ err [] =需要注释字段;
if(!$ err){
//如果没有错误 - 保存数据并重定向
header(Location:。$ _ SERVER ['PHP_SELF']);
出口;
} else {
//所有字段值都应该根据HTML标准
foreach($ _POST as $ key => $ val)转义(
$ form [$ key ] = htmlspecialchars($ val);
} else {
$ form ['name'] = $ form ['comments'] ='';
}
包含'form.tpl.php';
?>
在这里您可以看到另一个简洁而强大的示例:
它是完整的解决方案显示,添加和编辑数据库内容,完全是为了管理目的。
I have a form in page1.php which directs to page2.php from where the data from the form in page1.php is inserted into database. after successful insertion, page2.php displays a message and gives link to go to a third page.
The problem is when the user after the insertion hits the back button of the browser and clicks the form submit button, insertion is made again.
Is there any way so that after one insertion when the back button is pressed a message will be displayed showing that visiting the back-button is not allowed? Or in case it is allowed no insertion will take place on clicking the form submit button?
EDITED LATER TO ADD THIS PART:
okk let me tell in details. it is about an admin back end. the admin gives description text input for different products. He gives the input from page1.php and message is shown on page2.php that the description has been inserted into db. then there is another form below the message. It just asks whether the admin wishes to do more with description text. If yes, then clicking on the form submit button , he is taken to a page from where across some page(s) he is again taken to page1.php ( this time for another product), from there to page2.php and so on. btw i could use a normal page link instead of the form button link below the message on page2.php
The problem is, while the admin is on page2.php and hits the back button , he goes back to page1.php and from there if he hits on the form submit button, the data is inserted for the second time in a new row.
u may suggest to use 'IGNORE' with 'INSERT' command, but there are other columns in the row which may not get matched with those of another column while the description columns(admin inserts text data for this column ) may get matched.
1)Is ignore applicable in this case?
2)What should be the solution if duplicate entry is allowed for the database of the site?
thanks
hope it makes the whole thing clear.
Instead of giving link to a third page, redirect to the very same URI
this is quite handy method called POST/Redirect/GET:
here is a concise example of it:
<?php
if ($_SERVER['REQUEST_METHOD']=='POST') {
$err = array();
//performing all validations and raising corresponding errors
if (empty($_POST['name'])) $err[] = "Username field is required";
if (empty($_POST['text'])) $err[] = "Comments field is required";
if (!$err) {
//if no errors - saving data and redirect
header("Location: ".$_SERVER['PHP_SELF']);
exit;
} else {
// all field values should be escaped according to HTML standard
foreach ($_POST as $key => $val) {
$form[$key] = htmlspecialchars($val);
}
}
} else {
$form['name'] = $form['comments'] = '';
}
include 'form.tpl.php';
?>
Here you can see another example, concise yet powerful:
Separating Logic/Style in PHP properly
it's complete solution to display, add and edit database contents, exactly for admin purpose.
这篇关于防止用户使用后退按钮并发出警告或禁用任何插入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
