Re: [PHP] Re: preventing "back" button usage?
i don't like javascript. It's pain in the ass to get this working on more than IE and Netscape. Btw, to get it working on IE and Netscape is annoying enough already imo.So what i would do is registering some sort of variable in the session, that shows you if the page has been submitted already. On the page that processes the form, you register this variable to the session, if it isn't registered already. if it is registered already, you simply ignore the request That's the easiest way, but as long as the session remains, the user wouldn't be able to submit this form again. So if you want the user to be able to submit this form again but preventing him from submitting the same data again, you have to do a little more than what i mentioned above. Regards, Michael "Erik Price" <[EMAIL PROTECTED]> schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > On Thursday, March 28, 2002, at 06:50 PM, Michael Virnstein wrote: > > > This is not possible. You cannot force the browser > > not to go back in its history, don't even trie to find a solution for > > this... > > the question you should ask yourself is not how to disable the browser > > history > > but how you can prevent your page by getting screwed by multiple posts. > > I see. Then, when I try to do something similar to this on FedEx.com or > Amazon.com, is it JavaScript that redirects me to an error page? If so > then I will have to use both tactics -- preventing a form from being > resubmit, and JavaScript to "disable" the back button (unethical as it > may be). > > > Erik > > > > > > > Erik Price > Web Developer Temp > Media Lab, H.H. Brown > [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: preventing "back" button usage?
Eric,
Forgive me for coming in late on this... I haven't read the whole thread,
but I'd start be saying that obviously JavaScript is not an option, and
quite possible "asking them not to click the back button" is not an option
either.
I use the following theory on a single page form, but can't see any reason
why it can't happen on a multi part form.
I perform all form validation BEFORE outputting anything to the page, and
establish if the form data was good or not. Good results in uploading to
the DB, and a redirect to a thanks page (or in your case, another form), and
bad results in the form being shown again.
Since nothing is sent to the page (other than a redirect) if the data is
good, the page doesn't exist at the browser, so there's no chance of them
hitting back and re-submitting the data twice by accident.
Of course they CAN hit back and see the form they just filled out, and make
changes to it, and resubmit on purpose, but is this such a bad thing??
On the other hand, once they reach stage 2 (ie, stage 1 was valid), you
could always set a cookie. If they DO click back to stage 1, you could
always do a check for that cookie, and NOT show them the form again, which
removes just about any chance of them resubmitting data, or going back thru
the steps, UNLESS they have cookies turned off... which is a low percentage.
Changing this to sessions in the URL would remove the chance all together.
I'd recommend NOT breaking THEIR browser with the disabling of the back
button... it's THEIRS after all, and they may WANT to go back through the
sites they surfed before hitting you.
Just my opinion though :)
Justin French
Creative Director
http://Indent.com.au
on 03/04/02 1:54 AM, Erik Price ([EMAIL PROTECTED]) wrote:
>
> On Tuesday, April 2, 2002, at 09:15 AM, Rick Emery wrote:
>
>> use cache control in your HTML to prevent BACK button usage
>> This is easily done
>
> I've tried this using the HTTP headers recommended on the header() man
> page, such as
>
> header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
> header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
> header("Cache-Control: no-store, no-cache, must-revalidate");
> header("Cache-Control: post-check=0, pre-check=0", false);
> header("Pragma: no-cache");
>
> These don't seem to have the effect that I'm looking for. Someone else
> on the list suggested storing a session variable that basically says
> "this page has been filled out, do not do anything if it has been
> resubmit" which is a good idea, but I was hoping to have the user
> automatically re-routed to an error page if they hit the "back" button.
> (The session variable idea won't work until they refresh a page or
> submit a form, because they will be returning to a page in their
> history.)
>
>
> Erik
>
>
>
>
>
> Erik Price
> Web Developer Temp
> Media Lab, H.H. Brown
> [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: preventing "back" button usage?
On Tuesday 02 April 2002 16:59, Erik Price wrote:
> On Thursday, March 28, 2002, at 06:50 PM, Michael Virnstein wrote:
> > This is not possible. You cannot force the browser
> > not to go back in its history, don't even trie to find a solution for
> > this...
> > the question you should ask yourself is not how to disable the browser
> > history
> > but how you can prevent your page by getting screwed by multiple posts.
>
> I see. Then, when I try to do something similar to this on FedEx.com or
> Amazon.com, is it JavaScript that redirects me to an error page? If so
> then I will have to use both tactics -- preventing a form from being
> resubmit, and JavaScript to "disable" the back button (unethical as it
> may be).
i dont know if this really would solve your problem, but what i am using
sometimes is:
if( $save_data )
{
$id = save( $_REQUEST['data'] );
if( $id != false ) // is it a valid id?
{
header('Location:'.$_SERVER['PHP_SELF'].'?id='.$id );
die();
}
}
explaination: what it does is saving the $_REQUEST['data'] and on success, it
reloads the same page again but without the posted data to show exactly the
data that had been saved i use the $id returned by the 'save'-method, which
is the id of the data set that was saved
so reload or back buttons wont disturb
on reload, simply the same page with the GET-param is reloaded
and back button goes to the page before, since it seems the
"header"-redirection is not saved in the history
this only works for special cases:
- if you load the same page again, and want to show the entered data, it has
to be the same page for showing and editing the data
- showing data also has to work using $_GET-parameters, as this is what the
"header" function does
drawbacks are:
- only useful in some special cases
- browser gets contacted once more, than actually necessary ('header')
--
Wolfram
... translating template engine
http://sf.net/projects/simpletpl
... authentication system
http://sf.net/projects/auth
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: preventing "back" button usage?
On Thursday, March 28, 2002, at 06:50 PM, Michael Virnstein wrote: > This is not possible. You cannot force the browser > not to go back in its history, don't even trie to find a solution for > this... > the question you should ask yourself is not how to disable the browser > history > but how you can prevent your page by getting screwed by multiple posts. I see. Then, when I try to do something similar to this on FedEx.com or Amazon.com, is it JavaScript that redirects me to an error page? If so then I will have to use both tactics -- preventing a form from being resubmit, and JavaScript to "disable" the back button (unethical as it may be). Erik Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: preventing "back" button usage?
On Tuesday, April 2, 2002, at 09:15 AM, Rick Emery wrote:
> use cache control in your HTML to prevent BACK button usage
> This is easily done
I've tried this using the HTTP headers recommended on the header() man
page, such as
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
These don't seem to have the effect that I'm looking for. Someone else
on the list suggested storing a session variable that basically says
"this page has been filled out, do not do anything if it has been
resubmit" which is a good idea, but I was hoping to have the user
automatically re-routed to an error page if they hit the "back" button.
(The session variable idea won't work until they refresh a page or
submit a form, because they will be returning to a page in their
history.)
Erik
Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: preventing "back" button usage?
use cache control in your HTML to prevent BACK button usage This is easily done "Erik Price" <[EMAIL PROTECTED]> schrieb im Newsbeitrag news:[EMAIL PROTECTED]... > Sorry to plague this list with questions today, but I was hoping someone > could help me understand a fundamental thing about how browsers work -- > how can I achieve the effect that many ecommerce sites (such as Amazon) > use to prevent the user from going "back" in their history? For obvious > reasons, I would like to avoid JavaScript to achieve this feat. I have > some multi-part forms that I do not wish users to be able to repeat > accidentally. > > I believe it has something to do with a header and the browser's cache, > but I really don't know anything about it. > > > TIA, > > Erik > > > > > > > > Erik Price > Web Developer Temp > Media Lab, H.H. Brown > [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
