if page refresh again value added?

Question

I'm using the following form in a project. In this form the values are added properly when i submit. but after submit if i refresh the page the existing values are inserted again. i need after submit i refresh the page, the existing values are not added. Please help me.

`<form name="form" method="post" action="<?php $_SERVER['PHP_SELF'];?>">
 <table width="918" border="0">
  <tr>
    <td width="222" height="300">&nbsp;</td>
    <td width="686">
     <table width="331" border="0">
      <tr>
        <td height="30">
<?php
error_reporting (E_ALL ^ E_NOTICE);
include("config.php");
$class_section=$_POST['class_section'];

if(isset($_POST['submit']))
{
$sql=mysql_query("insert into section(section_id, class_section) values ('', '$class_section')",$conn);
if($sql)
{
echo"<p><center><b><font color='green'>Section Added Successfully!</font></b></center></p>";
}
else
{
echo"<p><center><b><font color='red'>Section Add Failed!</font></b></center></p>";
}
}

?>
        </td>
        </tr>
        </table>
    <table width="331" border="0">
            <tr>
        <td height="47">Class Section/Group</td>
        <td><input name="class_section" type="text"/>       </td>
      </tr>
      <tr>
        <td height="33"></td>
         <td><input type="submit" name="submit" value="ADD" class="button">             </td>
      </tr>
    </table></td>
  </tr>
</table>
</form>`

Answer 1

Use the Post/Redirect/Get pattern.

A user initiated request that updates state on the server should always be Post.

Your code also has an SQL injection vulnerability.

Wrap $class_section with mysql_real_escape_string() before you use it.