Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How can I prevent this?
#1
On all of my post and gets, you can just f5 and submit the data over and over, is there an easy way to avoid this?
Reply
#2
Use a cookie so it can detect if they've F5'd in the last 10 seconds, and if they have then use an if statement to stop the post/get.
Reply
#3
(08-25-2010, 04:12 AM)Starky Wrote: Use a cookie so it can detect if they've F5'd in the last 10 seconds, and if they have then use an if statement to stop the post/get.You need us to wipe your ass for you too?

There was really no need to be rude about it.

@OP: Alternatively, you can store what they POSTed (you should serialize() it) and the time in a mysql table, and if the same data was stored less than x seconds ago, don't process.
Reply
#4
(08-25-2010, 02:52 AM)`P R O D I G Y™ Wrote: On all of my post and gets, you can just f5 and submit the data over and over, is there an easy way to avoid this?

You should be redirecting your users away from the form after it has been validated and executed. Doing so will mean that if your user decides to spam the refresh button they'll be doing so on a safe page. How it might look in pseudocode:

Code:
if form submitted then
  validate form

  if form validates successfully then
    redirect user
Reply
#5
This is a problem for me too, if they click back, it repeats the GETs.
Reply
#6
(10-06-2010, 09:00 PM)Disease Wrote: You should be redirecting your users away from the form after it has been validated and executed. Doing so will mean that if your user decides to spam the refresh button they'll be doing so on a safe page. How it might look in pseudocode:

Code:
if form submitted then
  validate form

  if form validates successfully then
    redirect user

Hey, that would work pretty nicely. But that would mean that each submissApproachion would require its own success page, and if done half-assed (like most of my scripts) it can get messy real quick
[Image: TYzKF.png]
Reply
#7
I don't know!
I'de love a way too avoid that as well. xD
[Image: just-cause-2-header.jpg]
Reply
#8
(11-30-2010, 02:47 PM)iCrack Wrote: I don't know!
I'de love a way too avoid that as well. xD

Well considering Disease just explained how to do it, I don't see why you don't know.
[Image: TYzKF.png]
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Guide] Security: Prevent SQLi and XSS Attacks Haxalot 8 3,196 06-25-2015, 11:08 AM
Last Post: ParagonInitiative

Forum Jump:


Users browsing this thread: 7 Guest(s)