开发者

PHP form posting to prevent navigation/reposting problems

I have created a user registration form using PHP/smarty. The form posts back to itself since I don't know of any reason not to do it this way. The problem here is that if the user refreshes the welcome page, the code will attempt to recreate the account. What is the best way to do this from both a user and security perspective?

if (isset($_POST['submit'])) {
        /* Create cu开发者_如何转开发stomer account */
        $smarty->display($welcome_template);

} else {
        $smarty->display($form_template);
}


after the account has successfully been created, do a HTTP redirect and send them to a separate "success" page: http://en.wikipedia.org/wiki/Post/Redirect/Get


I guess that is a reason to not do it this way. I think the standard solution is the Post/Redirect/Get pattern, which means: make the POST request and then redirect to a GET request to a confirmation page. That page can then be reloaded without any problem.


the user may of course try to recreate their account at any time, so care must be taken for that.

For your needs, as post-action page shows confirmation, the easiest solution would be

//at end of post-action
echo '<script type="text/javascript">document.location = 'yoururl?cmd=confirm</script>';
die();

regards, //t

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜