Form submitting duplicate entree's to mySQL and two emails with php function mail()

Question

I have a simple php page that contains a form. When submitted it should send 2 emails(one to me and one to my boss), and insert its data into my database. Instead its sending 4 emails (two to me and two to my boss) and inserting 2 rows of identical data instead of one. Any idea why this might be happening?

EDIT: I've found that the problem only occurs when you refresh the page, and each time you refresh the page it sends out a new copy of the email/data.

Here's my PHP (if you see removed I removed what was in the quotation marks for security reasons)

if (isset($_POST['submitted'])){
    define('DB_NAME', 'removed');
    define('DB_USER', 'removed');
    define('DB_PW', 'removed');
    define('DB_HOST', 'removed');

    $link = mysqli_connect(DB_HOST, DB_USER, DB_PW, DB_NAME);

    if(!$link){
        die('Test Connection Failed 1: ' . mysqli_error());
    }

    //Name
    $FName = $_POST['FName'];
    $FName = mysqli_real_escape_string($link, $FName);
    $LName = $_POST['LName'];
    $LName = mysqli_real_escape_string($link, $LName);
    $Company = $_POST['Company'];
    $Company = mysqli_real_escape_string($link, $Company);

    //Phone
    $Phone1 = $_POST['Phone1'];
    $Fax = $_POST['Fax'];

    //Address
    $Street = $_POST['Street'];
    $Street = mysqli_real_escape_string($link, $Street);
    $City = $_POST['City'];
    $City = mysqli_real_escape_string($link, $City);
    $State = $_POST['State'];
    $State = mysqli_real_escape_string($link, $State);
    $Zip = $_POST['Zip'];
    $Zip = mysqli_real_escape_string($link, $Zip);
    $Country = $_POST['Country'];
    $Country = mysqli_real_escape_string($link, $Country);

    //Message
    $Message = $_POST['Message'];
    $Message = mysqli_real_escape_string($link, $Message);

    //Email
    $Email = $_POST['Email'];
    $Email = mysqli_real_escape_string($link, $Email);

        //Email
    $Email2 = $_POST['Email2'];
    $Email2 = mysqli_real_escape_string($link, $Email);


    $sqlInsert = "INSERT INTO `removed`.`removed`(`ID`, `FName`, `LName`, `Company`, `Phone`, `Fax`, `Street`, `City`, `State`, `Country`, `Zipcode`, `Email`, `Message`) VALUES (NULL, '".$FName."', '".$LName."', '".$Company."', '".$Phone1."', '".$Fax."', '".$Street."', '".$City."', '".$State."', '".$Country."', '".$Zipcode."', '".$Email."', '".$Message."')";

    if(!mysqli_real_query($link, $sqlInsert)){
        echo "Failed To Post To Database";
    } else {
        mysqli_close($link);    
    }

    //Validate first
    if(empty($LName)||empty($Email)) 
    {
        echo "Name and email are mandatory!";
        exit;
    }

    $email_from = $Email;
    $email_subject = "Bel Air Contact Form";
    $email_body = '';
    $email_body .= '';
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "";
    $email_body .= "Name: " . $FName . " " . $LName . "
Company: " . $Company . "
Email Address: " . $Email . "
Secondary Email Address: " . $Email2 . "
Street: " . $Street . "
City: " . $City . "
State: " . $State . "
Country: " . $Country . "
Zipcode: " . $Zipcode . "
Phone: " . $Phone1 . "
Fax: " . $Fax . "
Message: " . $Message . "";
    $email_body .= "";

    $rbailey = "removed";
    $info = "removed";
    $headers = "From: $email_from 
";
    $headers .= "Reply-To: $Email 
";
    $headers .= 'X-Mailer: PHP/' . phpversion();
    $headers  = 'MIME-Version: 1.0' . "
";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "
";

    mail($rbailey,$email_subject,$email_body,$headers);
    mail($info,$email_subject,$email_body,$headers);

} //End of ISSET if statement

?>

If needed I can include the form but its a very basic form with a ton of fields so I left it out so my post isn't insanely long.

Funk Forty Niner · Accepted Answer

For the record, you have a missing dot in one of your headers:

$headers  = 'MIME-Version: 1.0' . "
";
         ^

That alone will break your headers.

The issue appears to be due to a page refresh.

To remedy this, add a header after your last mail() call, and make sure you're not outputting before header.

I.e.:

mail($info,$email_subject,$email_body,$headers);
header("Location: http://www.example.com");
exit;

In your form, add autocomplete="off" in your form, and/or your input fields.

Which is useful in HTML5 to clear any previously entered contents in a form.

You can also use sessions and tokens.

Here is a link you can consult:

http://www.phpro.org/tutorials/Preventing-Multiple-Submits.html

Sidenote:

Just to save you quite a few keystrokes; you can just do:

$FName = mysqli_real_escape_string($link, $_POST['FName']);

etc. rather than defining everything twice.

Form submitting duplicate entree's to mySQL and two emails with php function mail()

Answers (1)

Related Questions

Form submitting duplicate entree&#39;s to mySQL and two emails with php function mail()

Answers (1)

Related Questions

Form submitting duplicate entree's to mySQL and two emails with php function mail()