Az.Youness
Reputation: 2652
Prevent Multiple Submissions of the Same Form
I found some answers like this good one (it use two files one for forms and other for handling) and there are some other answers using external resources (such as databases or simple files).
What I'm looking for is preventing multiple submissions of the same form, especially when the form and the php code are in the same file and without using external files.
This is what I have tried:
<?php //fone.php
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
if(isset($_SESSION['token']))
$_SESSION['prv_token']=$_SESSION['token'];
$_SESSION['token']=md5(uniqid());
?>
<html>
<head><meta charset="utf-8"><title>TEST</title></head>
<body>
<?php
if($_SERVER['REQUEST_METHOD']=='POST' && $_POST['token']==$_SESSION['prv_token']){
echo "<p>Form Submited</p>";
}
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'])?>">
<input type="hidden" name="token" value="<?php echo $_SESSION['token'];?>">
Name : <input type="text" name="name"><br>
Age : <input type="text" name="age"><br>
<input type="submit" name="submit">
</form>
</body>
</htmL>
This solution works for me, but the code breaks if I use $_SESSION['token'] in other files.
Upvotes: 0
Views: 267
Answers (1)
Thanaruby Nanthagopal
Reputation: 614
IF you are using session, It will be common to all the browser pages. So you need to use different names for sessions
Eg: $_SESSION['your_page_name_token']
Upvotes: 1
Related Questions
- How can I prevent SQL injection in PHP?
- How do you disable browser autocomplete on web form field / input tags?
- jQuery AJAX submit form
- How do I get a YouTube video thumbnail from the YouTube API?
- JavaScript post request like a form submit
- Prevent users from submitting a form by hitting Enter
- What is the boundary in multipart/form-data?
- PHP file form question