CODEWITHSUNDEEP
phpformscookies
New Logo
New Logo

Reputation: 87

Why i'm getting the same echo in preventing double submitting?

Hello i have my form and i want to implement this method for preventing double submitting on forms or going back The simple code:

 <?php
            // start session
            session_start();

            // create unique token
            $form_token = uniqid();

            // commit token to session
            $_SESSION['user_token'] = $form_token;
    ?>
    <!doctype html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Prevent multiple POSTs </title>
    </head>

    <body>

    <form action="submit.php" method="post">

        <input type="text" name="bar" />    
        <input type="hidden" name="user_token" value="<?php echo  $_SESSION['user_token'];  ?>" />
        <input type="submit" value="Submit" />

    </form>
    </body>
    </html>

And here the submit.php code:

       <?php 
        session_start();
    //We check if the token of the page and session match!
    if($_POST['user_token'] == $_SESSION['user_token']) {
        $message = 'Your download is <a href="foobar.xls"> Here </a> ';
    } else {
        $message = 'Your request has expired, please go back and resubmit!';
    }

    echo "We say: " . $message;


// invalidate the token so it expires on view, important!
unset($_SESSION['user_token']);
?>

I uploaded this script to my server but whenever i click the submit button i get the same answer the We say: Your download is Here echo , why this i checked if my cookies are created and yes they exists as they should ,

i want that users that have submitted the form once , to cant do that another time until a refresh or setting a maximum time that these cookies can exists and than delete them so that the user after for eg 10 min can submit another form if he want so

Any help will greatly be welcomed. Thanks in advance. Updatet

Upvotes: 0

Views: 62

Answers (1)

DaneSoul
DaneSoul

Reputation: 4511

session_start();

Add this in the begining of second script which recive your data from form. More detailes in manual.

But the only way to recieve msg 'Your request has expired' you need to keep recieved data in some form on server (file or data base) I suppose.

Upvotes: 2

Related Questions