3

I have 3 page, and pass value using $_POST method. The reason not using $_GET method is I don't want user go to the url and change the value and able to pass value. From the beginning for t2 and t3 page:

  1. t2 and t3 will check if(isset($_POST)) then save to the session.
  2. When t3.php user click on back button, t3 not passing $_POST data and read session

It is able to work when passing data from t1 to t2 and t2 to t3, but when click on back button from t3 to t2, the browser show "Confirm Form Resubmission". How can I make the page read the session data instead of the $_POST value when user hit the back button?

t1.php

<html>
<body>
    <form id="b">
        value1: <input type="text" name="value1" id="value1">
        value2: <input type="text" name="value2" id="value2">
        <input type="button" onclick ="test()" value="test">
    </form>
</body>
</html>

<script type="text/javascript">
function test(){
    document.getElementById("b").method = "post";
    document.getElementById("b").action = "t2.php";
    document.getElementById("value1").value = "asd";
    document.getElementById("value2").value = "zxc";
    document.getElementById('b').submit();      
}
</script>

t2.php

<?php 
session_start();

if(isset($_POST)){
    unset($_SESSION['t2']);
    $_SESSION['t2']=$_POST;
}else if(isset($_SESSION['t2'])){

}else{
    header("Location: http://localhost/my_project/t1.php");
}

?>

<html>
<body>
    value1<?php echo $_SESSION['t2']["value1"]; ?>!<br>
    value2 <?php echo $_SESSION['t2']["value2"]; ?>.

    <form id="b">
        value1: <input type="text" name="value1" id="value1">
        value2: <input type="text" name="value2" id="value12">
        <input type="button" onclick ="test()" value="test">
    </form>

</body>
</html>

<script type="text/javascript">
function test(){
    document.getElementById("b").method = "post";
    document.getElementById("b").action = "t3.php";
    document.getElementById("value1").value = "qwe";
    document.getElementById("value2").value = "rty";
    document.getElementById('b').submit();      
}
</script>

t3.php

<?php 
session_start();

if(isset($_POST)){
    unset($_SESSION['t3']);
    $_SESSION['t3']=$_POST;
}else if(isset($_SESSION['t3'])){

}else{
    header("Location: http://localhost/my_project/t1.php");
}

?>

<html>
<body>
    value1<?php echo $_SESSION['t3']["value1"]; ?>!<br>
    value2 <?php echo $_SESSION['t3']["value2"]; ?>.

</body>
</html>
Sehdev
  • 4,779
  • 3
  • 8
  • 28
Arzozeus
  • 103
  • 1
  • 10
  • You check session data before the post data? – Epodax Jan 11 '16 at 08:18
  • You could set a session variable on t3.php and then check if that variable exists on t2.php. If so the user hit the back button and so you could read the session. That's one option, if you can't directly read from the session first before using post data. – Charlotte Dunois Jan 11 '16 at 08:23
  • @Epodax, yes, because if user key in new data from t1 to t2, the session should store the latest value – Arzozeus Jan 11 '16 at 08:26
  • @CharlotteDunois, I have save the value in $_SESSION['t2'] when page t1 to t2, why I still need to store a variable again? When user click back button, t2 page not reading the session, not sure isn't my code error – Arzozeus Jan 11 '16 at 08:28

2 Answers2

1

If you hit the "back" button in your browser, your browser tries to recreate the situation/status that was present when first calling that page.

That means, you do the following

1) t1 --> t2
2) t2 --> t3
3) Hit the "back" button in your browser

Now your browser tries to recreate situation 1) to display page t2 and by this wants to re-post the data you sent when you first called t2.

One way around this is to always load existing data from your session and to post your form via ajax to decouple the request of the next page and sending of data. If sending of data only happens when you execute that function (e.g. clicking the submit button which is bound to that function) from the browsers perspective there's no data needed to call the page.

If you follow this way, your page is alsways loaded with data that was stored in your session (and by this is the latest data). Only if you submit data via ajax your session data is updated.

Some options are explained in multiple answers to this question: jQuery AJAX submit form

I want to add some code snippet (jQuery/AJAX - not tested). It works this way:

  • Clicking the submit button you send the form data to t2.php.
  • In t2.php you check if form data was sent. If so, process it.
  • After the call was handled and a response is sent, the first call is finished, without loading the actual page.
  • Then (here "success: ...") t2.php is loaded to the browser without sending form data. Last part is what the browser executes when it opens t2.php and which will be the action performed when clicking the back-button.

Code Snippet:

// You can also reference the jQuery library differently than this:
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js">

// Will bind the function, once the page is loaded
$(document).ready(funtion(){

// Gets a reference to your form
var $form = $('#yourFormId');

// Gets the target URL of your form
var formURL = form.attr("action");

// Will be execured when you click the submit button
$form.submit(funtion(e){
    // Does stop the form from submitting data itself
    e.preventDefault();
    // Call to send data
    $.ajax({
        type: "POST",
        url: formURL,
        data: $(this).serialize(), 
        cache: false,
        success: function() { window.location.href = formURL; }
    });
  });
});
</script>
Community
  • 1
  • 1
Fuzzzzel
  • 1,614
  • 2
  • 18
  • 33
  • I have try change the sequence, check session first, by still facing the same error if(isset($_SESSION['t2'])){ } else if(isset($_POST)){ unset($_SESSION['t2']); $_SESSION['t2']=$_POST; }else{ header("Location: http://localhost/my_project/t1.php"); } – Arzozeus Jan 11 '16 at 09:00
  • If I get your thought correctly, the code above checks if there's already information stored in your session variable t2. If so it will not be updated, correct? If this is the case you will never be able to update t2 once it is set. What I was thinking of is first sending data via ajax to update your session data without loading a new page. After the ajax call was handled successfully you load your new page without having to send data. – Fuzzzzel Jan 11 '16 at 09:08
  • yes,base on the comment above, once the session got data, it will not able to update a new record. But, even I write this way in t2, when i click back button from t3, it still show "Confirm Form Resubmission" – Arzozeus Jan 11 '16 at 09:12
  • Yes, and it always will if a form submit was done for calling that page. Your code runs on server side. But browser on client side knows that it sent data last time it called t2.php and wants to do this again. It doesn't know what happens on server side so it assumes to correctly call t2.php it needs to send some data (and by this wants to resubmit the data it submitted last time). – Fuzzzzel Jan 11 '16 at 09:16
1

if youre losing data when you press navigater back button and as result the page is not loaded you can simply add this session_cache_limiter('private_no_expire'); before the session_start(); this will keep the page loaded as it is even if you press back button and as another way you can use get method and not post for passing parameters because the first method session_cache_limiter('private_no_expire'); will create some problems

Have a nice day

Mohamed Amine Ayachi
  • 21
  • 6