Php prevents users from submitting forms repeatedly, and php prevents them from submitting forms. Php prevents users from submitting forms repeatedly. php prevents users from submitting forms repeatedly, because it is possible that users can click php consecutively to prevent them from submitting forms repeatedly, and php will prevent them from submitting forms.
When submitting a form, we cannot ignore the restriction of preventing users from submitting the form repeatedly, because users may have clicked the submit button consecutively or maliciously submitted data by attackers, therefore, processing after data is submitted, such as modifying or adding data to the database, can cause problems.
:
So how can we avoid repeated forms? We can start from many aspects:
FirstFront-end restrictions. The front-end JavaScript is disabled after the button is clicked once, that is, disabled. this method prevents multiple click submits. However, if the javascript script is disabled, it becomes invalid.
Second, we can do this after submittingRedirect Page redirection, That is, jump to the new page after the submission, mainly to avoid repeated submission of F5, but there are also deficiencies.
ThirdUnique index constraints on databases.
The fourth step is to doSession token verification.
Now let's take a look at the simple use.Session tokenTo prevent repeated submission of forms.
We add an input hidden field in the form, that is, type = "hidden", whose value is used to save the token value. when the page is refreshed, the token value changes, after submission, check whether the token value is correct. if the token submitted by the foreground does not match that submitted by the background, it is considered to be a repeated submission.
<? Php/** PHP simply uses token to prevent repeated form submissions */session_start (); header ("Content-Type: text/html; charset = utf-8"); function set_token () {$ _ SESSION ['token'] = md5 (microtime (true);} function valid_token () {$ return = $ _ REQUEST ['token'] ===$ _ SESSION ['token']? True: false; set_token (); return $ return;} // if the token is empty, a token if (! Isset ($ _ SESSION ['token']) | $ _ SESSION ['token'] = '') {set_token ();} if (isset ($ _ POST ['web']) {if (! Valid_token () {echo "token error. please do not submit it again! ";}Else {echo 'submitted successfully, Value:'. $ _ POST ['web'] ;}} else {?> <? Php }?>
The above is a simple example to prevent repeated submission of forms.
In actual project development, the token of the form is more complex, that is, token verification. The following operations may be performed:Verify the source domain,That is, whether it is submitted externally;Match the action to be executed, Is to add, modify or delete; the second most important thing isBuild token, Token can be usedReversible encryption algorithm, As complex as possible, because the plaintext is still insecure.
The above is how to solve the problem that ph prevents users from submitting forms repeatedly. I hope it will be helpful for you to learn.
When submitting a form, the restriction cannot be ignored to prevent users from submitting the form repeatedly, because it is possible for users to click continuously...