Webmaster Papers




Google
 
Web webhostingpapers.com




/pagead2.googlesyndication.com/pagead/show_ads.js">

Preventing Repeat Form Submission Using PHP Sessions


We've all seen those messages on some websites warning not to click a button more than once or negative consequences, like paying a bill twice, may result. Sometimes we can cause these problems by hitting the back or refresh buttons. In this article I will explain a methodology whereby a site can ensure each form is submitted only once, thereby demonstrating that such warnings are unnecessary and, depending on the nature of the problems caused, worth repairing immediately. Let's begin by taking a look at the process we are studying: Form Submission. As pedantic as it may seem, it will be worthwhile to detail each of the steps in this process:

  • Visitor requests a page from the server which has a form on it.
  • Server retrieves form and sends to user.
  • User enters data on form and submits to server.
  • Server processes form data and returns resultant page.
    • The scenario we now need to analyze is when the user re-triggers a previous form submission process. What we need to find or create is something which changes during the form submission process which does not depend on the specific form being submitted and which we can tell changed. That was a loaded sentence which fully details our solution, so let's break it down. Find or create something which
  • changes during the form submission process,
  • does not depend on the specific form being submitted, and
  • we can tell changed.

    • Since the item which changes does not depend on the form being submitted (e.g. it doesn't matter if it's a newsletter registration form, customer signup form, payment form, etc.), the item is not something which already exists and therefore must be created, so let's create a form variable called submissionId and assume it has the 3 properties mentioned above. So far, so good -- or so it appears! The third "property" is that "we can tell [it] changed", but "changed" is not a property of a variable, so we need to look at this more closely. In order to tell something changed, we must have a reference point, an answer to the question "changed from what?" This is where a session variable will come into play. If we define a session variable, say $_SESSION['nextValidSubmission'] and treat it as a reference point, we will have all of the tools necessary to protect our visitors. The idea will be to keep the session variable updated with the last submissionId sent out and change the submissionId each time it is sent out to the user. Then, if they try to resubmit the data, they will be submitting an old submissionId which doesn't match nextValidSubmission and we will know not to re-process this data. Let's look at this in terms of the processes:

  • Visitor requests a page from the server which has a form on it.
  • Server retrieves form, generates a new submissionId which is embedded into the form, updates nextValidSubmission, and sends to user.
  • User enters data on form and submits to server.
  • Server processes form data, changes nextValidSubmission, and returns resultant page.
    • Now, if the visitor somehow resends the data, they will be sending the old submissionId which will not match the new nextValidSubmission. So, you can now say goodbye to relying on javascript to remove/disable buttons, silly warning messages, and upset customers by preventing form re-submission.

    Webmaster of Script Reference - The *NEW* PHP Reference & Tutorial Site For Non-Programmers
    See here for more detailed information, an example using PHP, and an alternate method which doesn't require sessions.

    RELATED ARTICLES

    7 Killer Ways To Increase Your Online Sales
    Every online entrepreneur I talk to is asking the same question, "How do I increase my online sales, NOW?"
    How to Create a Professional Web Site in 24 Hours
    And whether your business sells products or services, you can use a Web site to increase your revenue and reduce your start-up costs. While you're at school, your Web site can take orders, answer common customer questions and introduce potential prospects to your business, among many other possibilities. For example, Ryan Allis, a 19-year-old entrepreneur now attending the University of North Carolina, was able to successfully create and market a Web site that sold a product that helps people with arthritis. As a result of his efforts, his company was able to generate more than $1 million in sales by the time Allis was seventeen years old.
    5 Ways to Build a Website
    If you are like me you have wanted to build a website but didn't know how!
    The Web: Your Window of Opportunity
    Thinking about starting up a business? The web is the way to go. Look around! More and more, people are relying on the internet as an information resource, a way to foster personal relationships, and method of purchasing goods and services.
    17 Tips to Plan a Website
    Everyone wants one.
    Do You And Your Website Have Credibility?
    I recently received an unsolicited e-mail from some company offering me their search engine optimization services for $199. Even though I had absolutely no interest in the offer, just out of curiosity, I decided to check out this company with the various search engines.
    But My Business Doesnt Need A Website!
    Revenues are often lost because many business owners don't see the value in having a website. They claim their products can't be sold online and technology is overwhelming. The fact is without a web presence they may be losing incredible opportunity. A well-planned, professional website can:
    Seven Daft Things Not To Do To Your Website
    1. Splash pages
    Server Stats ? Analyzing Traffic To Your Site
    Analyzing traffic to a site is a key factor in tweaking search engine optimization and marketing campaigns. Determining how people get to your site is critical. Surprisingly, few sites take advantage of the data available on their servers.
    Free Websites & Why You Should Avoid Them
    It amazes me how many people try to build serious websites with free web host providers. Granted, we all love things in life that are marked "free", but it doesn't always make sense to go that route if it will cost you more in the long run.
    9 Simple Steps to Create a Background Tiled Image Branded with Your Name
    You have seen those web pages where they have the name of the Name Web repeated over over over in square tiles as the background. Now by following these 9 Simple steps you too can create a web page Branded with your Name, or Company Name.
    Developing State-enabled Applications With PHP
    Installment 1
    What Does An Ex-Basketball Coach Know About Pulling Web Metrics?
    In my previous life.....
    Warning: The Truth About Having a Web Site!
    If you don't have a web site yet, are thinking of slapping one up or have one that simply isn't producing, this Warning is for you!
    Why Should Your Business Go O.N.L.I.N.E.
    Optimize your time. How much time each day must you devote to paperwork, scheduling and accounting? You strive to meet the needs of your clients, but when chained to the obligations of business management, it's just as important to make sure the doors stay open as it is to satisfy customers. By integrating your daily tasks and taking advantage of the amazing Web-based software solutions out there, you can make more time for clients and spend less time behind your desk. Do you work from home? When your business is online, you can manage your business any place you have a connection to the Internet
    The Number One Reason Most Websites Fail
    Failure, just like success, is measured differently by each and every one of us. What one man treats as success another may view as failure. For the purposes of this article a website that fails is one that fails to attract and convert enough targeted visitors into paying customers. Yeah - positive feedback from your website visitors is great but let's face it - we're all in this ultimately to make more money.
    The Topic Of Your Website
    The first thing you will have to deal building your website has nothing to do with the web design itself, it's me related to content writing but it must be defined and will effect the rest of your actions. So first of all you need to decide what the topic of your future website is. Topic is very closely connected to another web design issue: keywords. The keywords you select will depend upon the topic you have chosen. When thinking about website topic ask yourself a few questions: What is the goal of the site you are making? What are you trying to achieve with your site. Specify a goal, preferably in one short sentence.
    Optimal Website Design
    Optimal website design is the art of logical navigation.
    MySQL Database Handling in PHP
    Most interactive websites nowadays require data to be presented dynamically and interactively based on input from the user. For example, a customer may need to log into a retail website to check his purchasing history. In this instance, the website would have stored two types of data in order for the customer to perform the check ? the customer's personal login details; and the customer's purchased items. This data can be stored in two types of storage ? flat files or databases.
    Web Designer? You Dont Need No Stinkin Web Designer!
    RIVERSIDE, CA August 4, 2004 ?- "Historically, small business owners have had a limited number of options to choose from when it comes to the development of an on-line presence," says Pat Spinelli, owner of The Web Site Tutor, a Riverside, California 1. web site design and training firm.