Hi First of all: I'm sorry for writing errors - I don't speak English too much (spanish)
I'm building an application which works that way: I use url parameters to set zone (document location), actions and params. I've badly make security part so only registered people ($_session['USER'] <- which is set after check Login/pass form) can access different zones but my problem is on refreshing page that contains action i.e. http://www.mypage.com?index.php&zone=contact&action=newcontact&name=geor ge only registered/valid users can make this zone code runs my pseudocode basicly works this way: function contactzone (no params) get URL parameters (like $action=$_get['action'] <some code> switch ($action) case 'new' $html.= show form (on submit set action to 'newcontact' break; case 'newcontact' Insert on database On success -> $html Default Show simple $html } <some code> return $html My problem is on refresh or back events on navigator; the action will execute again. How do I prevent that? Session variables? Check a single table storing used hashes sent by form (generated with md5 or any) on all forms containing actions event for all tables? What do you think? Sorry again and thx for reading and helping :D j0n3 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
