Re: [PHP-DB] Duplicate record
Hello, How about this for a different method: The php that displays the form writes an extra hidden field to the form, containing a random string value. It also writes that random string along with a timestamp to a database table, called say, form_control. The form action sends to a separate php page. The receiving php page does a "delete from form_control where control_string = $sanitisedhiddenformfield". If mysql_affected_rows() == 1 then go ahead and perform the user data insert. If it's not 1 then you either have a duplicate submit/refresh (as the control record has already been deleted) or you have a hacker calling your processing php directly. So this is nice to deter them too. You can also add another where clause based on the timestamp if you wish to time out forms that have been sitting around. Other refinements are possible but that's the bare bones. To clean up unsubmitted form control strings either of the php processes can do an additional 'delete from form_control where timestampcolumn < ' whenever (sorry I can't remember datetime functions off the top of my head!). This method is nice as it doesn't affect the real user data table or indexes and has anti-hacker side benefits. anNa > From: "Hallvard" <[EMAIL PROTECTED]> > To: php-db@lists.php.net > Date: Sat, 30 Jul 2005 12:17:16 +0200 > Subject: Duplicate record > I have a page that posts data from a form to a mysql database. > > The problem is that if the user hits the reload button on the browser, the > data will be posted again, resulting in a duplicate record. > > How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
If its a potentially long message you're storing, you can always create an MD5 sum during insertion, compare it to existing MD5 sums, and if they don't match, there's not duplicates. Just as an example, if you're inserting message and user data, first see if there's duplicates: if (!mysql_num_rows(mysql_query("select count(*) from table where stored_sum = md5(".$message.$user.")"))) { // if it's not already there, store it. mysql_query("insert into table message = '$message', 'user' = '$user', message_sum = md5(".$message.$user.")"); } else { echo "Duplicate!"; } hth, -Micah On Monday 01 August 2005 12:56 pm, Hallvard wrote: > Thanks! > > I had already dealt with the problem using unique key, as many others > suggested. However, the records (post your comment-type) doesn't have any > natural key, so I had to concotinate several long text strings, which isn't > nice. > > Could you point me in the direction of any code examples for this? > > "Alexander Veremyev" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > > > You could use next simple rules to avoid this problem: > > > > 1. Never change anything in your storage (database) by GET HTTP request > > method. > > 2. Never prepare any Web page by POST method. > > 3. After Form is processed (with a POST method) use HTTP redirect to > > corresponding GET page which should produce a result of processing. (it > > may be the same php script) > > > > So you will have "getters" and "setters" for your Web application. > > Only "getters" will be stored in a browser history in this case and users > > will be able to use back/forward/reload browser functionality without any > > side effects (also without requests to post data again). > > > > > > PS Furthermore, such use of GET and POST methods corresponds to their > > description in HTTP RFC's > > > > > > With best regards, > >Alexander Veremyev. > > > > Hallvard wrote: > >> I have a page that posts data from a form to a mysql database. > >> > >> The problem is that if the user hits the reload button on the browser, > >> the data will be posted again, resulting in a duplicate record. > >> > >> How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
Thanks! I had already dealt with the problem using unique key, as many others suggested. However, the records (post your comment-type) doesn't have any natural key, so I had to concotinate several long text strings, which isn't nice. Could you point me in the direction of any code examples for this? "Alexander Veremyev" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > You could use next simple rules to avoid this problem: > > 1. Never change anything in your storage (database) by GET HTTP request > method. > 2. Never prepare any Web page by POST method. > 3. After Form is processed (with a POST method) use HTTP redirect to > corresponding GET page which should produce a result of processing. (it > may be the same php script) > > So you will have "getters" and "setters" for your Web application. > Only "getters" will be stored in a browser history in this case and users > will be able to use back/forward/reload browser functionality without any > side effects (also without requests to post data again). > > > PS Furthermore, such use of GET and POST methods corresponds to their > description in HTTP RFC's > > > With best regards, >Alexander Veremyev. > > Hallvard wrote: > >> I have a page that posts data from a form to a mysql database. >> >> The problem is that if the user hits the reload button on the browser, >> the data will be posted again, resulting in a duplicate record. >> >> How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
Ryan Grange wrote: > How well would this methodology deal with people who double-click on > submit buttons? Of course, second submit generates second POST. For browser history that looks like user clicks "Back" and then clicks any other link on a page. Everything else depends from your application and transaction processing mechanism. If submit processing could be treated as one transaction that's good and you can handle it as a second transaction. If submit processing is a part of larger transaction you should decide what does it mean within your application (change some data posted early or add something). In any case second click on submit is explicit user action, which can not be considered as anything else then second submit. With best regards, Alexander Veremyev. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
Alexander Veremyev wrote: You could use next simple rules to avoid this problem: 1. Never change anything in your storage (database) by GET HTTP request method. 2. Never prepare any Web page by POST method. 3. After Form is processed (with a POST method) use HTTP redirect to corresponding GET page which should produce a result of processing. (it may be the same php script) So you will have "getters" and "setters" for your Web application. Only "getters" will be stored in a browser history in this case and users will be able to use back/forward/reload browser functionality without any side effects (also without requests to post data again). PS Furthermore, such use of GET and POST methods corresponds to their description in HTTP RFC's With best regards, Alexander Veremyev. Hallvard wrote: I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? How well would this methodology deal with people who double-click on submit buttons? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
You could use next simple rules to avoid this problem: 1. Never change anything in your storage (database) by GET HTTP request method. 2. Never prepare any Web page by POST method. 3. After Form is processed (with a POST method) use HTTP redirect to corresponding GET page which should produce a result of processing. (it may be the same php script) So you will have "getters" and "setters" for your Web application. Only "getters" will be stored in a browser history in this case and users will be able to use back/forward/reload browser functionality without any side effects (also without requests to post data again). PS Furthermore, such use of GET and POST methods corresponds to their description in HTTP RFC's With best regards, Alexander Veremyev. Hallvard wrote: I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
after entering the data, send the user to another (confirmation) page...then you avoid the possiblity of duplicates Bastien From: Miles Thompson <[EMAIL PROTECTED]> To: "Hallvard" <[EMAIL PROTECTED]>, php-db@lists.php.net Subject: Re: [PHP-DB] Duplicate record Date: Sat, 30 Jul 2005 10:54:16 -0300 Do a seek on the fields which cannot be duplicated; if there's a hit reload the page with the appropriate error message, otherwise reload the page with a success message. Although I have not worked with AJAX, this would appear to be an excellent spot to use it. Silently check after focus has left the final field which must be unique, doing nothing if data is OK, putting up a flag if there was duplication. As for a unique ID for each record, i.e. one that autoincrements, that's almost always a good idea. Regards - Miles Thompson At 07:17 AM 7/30/2005, Hallvard wrote: I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
Do a seek on the fields which cannot be duplicated; if there's a hit reload the page with the appropriate error message, otherwise reload the page with a success message. Although I have not worked with AJAX, this would appear to be an excellent spot to use it. Silently check after focus has left the final field which must be unique, doing nothing if data is OK, putting up a flag if there was duplication. As for a unique ID for each record, i.e. one that autoincrements, that's almost always a good idea. Regards - Miles Thompson At 07:17 AM 7/30/2005, Hallvard wrote: I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Duplicate record
in my opinion you can do the following: 1) once the user submitted the form, redirect to a new page OR 2) may have a unique column in database to avoid duplication like userid etc. With Best Wishes Balwant Singh INDO ASIAN FUSEGEAR LTD. A-39, HOSIERY COMPLEX PHASE - II EXTN., NOIDA PH: +91 - 120 - 3048140 / 304 FAX: +91 - 120 - 2568 473 WEB : www.indoasian.com Hallvard wrote: I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Duplicate record
Would'nt the simplest just setting one of the rows as UNIQUE? Or you can add one query that checks if one of the values already exists in the database. Best regards, Martin -Original Message- From: Hallvard [mailto:[EMAIL PROTECTED] Sent: 30. juli 2005 12:17 To: php-db@lists.php.net Subject: [PHP-DB] Duplicate record I have a page that posts data from a form to a mysql database. The problem is that if the user hits the reload button on the browser, the data will be posted again, resulting in a duplicate record. How can I avoid that? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php