[thelist] deleting php vars

Simon Perry simon.perry at si-designs.co.uk
Mon Nov 3 05:04:32 CST 2003


----- Original Message ----- 
From: "jan guichelaar [artmiks]"
> unset ( $HTTP_POST_VARS['var_name']);
>
> looks promising, but when i refresh the page, the vars are still there,
> Still dont know how to prevent people to refresh the page and thus
> executing the same php-code with the same vars twice.
> :-(
Jan,

The problem you are facing is client side not server, the clients browsers
are the ones who are remembering the post or get data. When you hit refresh
in your browser it sends the last request it did again. So if your request
was post: http://your.sever/page.php?user=fred and you add fred to your user
list then unset ( $HTTP_POST_VARS['user']); the server has deleted the user
value but not the client, if you refresh the client it will send post:
http://your.sever/page.php?user=fred again.

You have two choices:

1. Validate the data before it is entered into the data source to check for
duplicates, not bad practice anyway!

2. Force the browsers behaviour (this is the solution I sent to you before)
by sending headers back to the browser that the page content has changed and
that it should load a "new" location. This approach is limited by your page
flow, to explain further if you are doing something like this:

form-page.php > form-process.php

then you will not be able to control the clients retaining the post data. To
be successful you need to write one page that handles the form and data, see
the sudo code below.

one-page.php
if(no post data exists){show form}
if(post data exists){
add to data source
unset ( $HTTP_POST_VARS['user']);
header("Status:  205 Reset Content");
//reload the page without the form data
header("Location: one-page.php");
}

Now if the client hits refresh the browser will send the last request it
had, the one we told it to request by using header("Location:
one-page.php"); that would be get: http://your.sever/one-page.php .

Well, I hope that is clearer than mud for you...

Simon



More information about the thelist mailing list