Ensuring that forms aren't "double submitted" is critically important on certain automated data entry applications - the classic example being an absolute need NOT to allow your user to place an order twice if he / she uses the "back" button and presses submit again.
I came across an article on a Java forum talking about
redirect after Post, but I can't say that I'm thrilled. An over-complex solution and there's much easier ways of doing it in PHP (and in Java and other languages too!).
Almost inevitably, on line ordering systems are going to comprise a number of pages where you select your product(s) and then, as a final operation, confirm your order.
In PHP, you should use the
$_SESSION superglobal to maintain the state of each individual user as he / she goes through your site, starting each operation that updates the embryonic order with a call to
session_start. By default, values WILL be stored between pages in this super-global and the back button will leave the order-in-progress (a.k.a. the shopping cart) in tact - and that's ideal because you'll not want your customers to loose their selected products if they commit the 'crime' of doing a back.
But when one of your users selects the "yes, confirm my order" button or the equivalent, you DO want to prevent a step backwards resurrecting the data. There are two ways of doing this. The easiest is to do a
session_destroy which eliminates the content of the shopping cart from the session when it's confirmed - the rest of your submit code for that page will have emailed the order confirmation, added the necessary information to your table of to-be-filled orders, and so on. The alternative way (if you don't want to loose the whole session - perhaps you want to leave your user logged in, for example) is to selectively clear the vital variables such as the cart-to-date form
$_SESSION when the order is placed.
We have an example of this approach on our web site - try it out
here and see the source code of the main application
here. You'll note that this is part of a demonstration of the "four layer model" for major applications (you can write appliactions in PHP that have the beauty of A Picasso, or ones that look like the dog's dinner) - but that's a story for another entry.
(written 2007-04-28, updated 2007-04-30)
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H115 - Designing PHP-Based Solutions: Best Practice [123] Short underground journeys and a PHP book - (2004-11-19)
[237] Crossfertilisation, PHP to Python - (2005-03-06)
[261] Putting a form online - (2005-03-29)
[340] Code and code maintainance efficiency - (2005-06-08)
[394] A year on - should we offer certified PHP courses - (2005-07-28)
[426] Robust checking of data entered by users - (2005-08-27)
[563] Merging pictures using PHP and GD - (2006-01-13)
[572] Giving the researcher power over database analysis - (2006-01-22)
[839] Reporting on the 10 largest files or 10 top scores - (2006-08-20)
[896] PHP - good coding practise and sticky radio buttons - (2006-10-17)
[936] Global, Superglobal, Session variables - scope and persistance in PHP - (2006-11-21)
[945] Code quality counts - (2006-11-26)
[1047] Maintainable code - some positive advice - (2007-01-21)
[1052] Learning to write secure, maintainable PHP - (2007-01-25)
[1181] Good Programming practise - where to initialise variables - (2007-05-09)
[1182] Painting a masterpiece in PHP - (2007-05-10)
[1194] Drawing hands on a clock face - PHP - (2007-05-19)
[1321] Resetting session based tests in PHP - (2007-08-26)
[1323] Easy handling of errors in PHP - (2007-08-27)
[1381] Using a MySQL database to control mod_rewrite via PHP - (2007-10-06)
[1389] Controlling and labelling Google maps via PHP - (2007-10-13)
[1390] Converting from postal address to latitude / longitude - (2007-10-13)
[1391] Ordnance Survey Grid Reference to Latitude / Longitude - (2007-10-14)
[1482] A story about benchmarking PHP - (2007-12-23)
[1487] Efficient PHP applications - framework and example - (2007-12-28)
[1490] Software to record day to day events and keep an action list - (2007-12-31)
[1533] Short and sweet and sticky - PHP form input - (2008-02-06)
[1623] PHP Techniques - a workshop - (2008-04-26)
[1694] Defensive coding techniques in PHP? - (2008-07-02)
[1794] Refactoring - a PHP demo becomes a production page - (2008-09-12)
[2199] Improving the structure of your early PHP programs - (2009-05-25)
[2221] Adding a newsfeed for your users to a multipage PHP application - (2009-06-06)
[2430] Not just a PHP program - a good web application - (2009-09-29)
[2679] How to build a test harness into your PHP - (2010-03-16)
[3539] Separating program and artwork in PHP - easier maintainance, and better for the user - (2011-12-05)
[3813] Injection Attacks - PHP, SQL, HTML, Javascript - and how to neutralise them - (2012-07-22)
[3820] PHP sessions - a best practice teaching example - (2012-07-27)
[3926] Filtering PHP form inputs - three ways, but which should you use? - (2012-11-18)
[4069] Even early on, separate out your program from your HTML! - (2013-04-25)
[4118] We not only teach PHP and Python - we teach good PHP and Python Practice! - (2013-06-18)
[4326] Learning to program - comments, documentation and test code - (2014-11-22)
[4641] Using an MVC structure - even without a formal framework - (2016-02-07)
[4691] Real life PHP application using our course training MVC example - (2016-06-05)
Some other Articles
Smoking, or no? The law insists we spell out the obviousEmailing as HTML (Web Page) - PHP exampleMoving out some of the web site bloatLeaning tower of CheeserBack button - ensuring order are not submitted twice (PHP)Extended Credit request - train in June and be paid in SeptemberGrand Central StationA better alternative to cutting and pasting codeCheddleton, StaffordshireA contrast in room rates and facilities