Post/Redirect/Get solution just for refreshing the page?

StackOverflow https://stackoverflow.com/questions/21464128

質問

PHP Post/Redirect/Get solution is good just for refreshing the page?

What about if the user clicks on the back button twice and resend the form? The only solution I have found is to check in my database if same data is already posted.

Is there any other solution without querying the database?

Thank you in advance!!!

役に立ちましたか?

解決

PRG is perfect for browser Back button support too. An HTTP redirect replaces the URL in browser history instead of adding a new entry. If you apply PRG consistently, i.e. you always return a redirect from a POST, then browser history will only contain "safe" pages (GET), there will never be a POST URL in the history.

There is still a chance of getting duplicate form submissions, though. For example if the user double-clicks the submit button. So if you want to be extra safe you need some extra mechanism (e.g. nonce) to prevent double submissions.

他のヒント

PRG is used because of the nature of HTTP. POST is not a safe operation hence PRG is preferred.

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top