Re: [PHP] Browser back button

2004-08-30 Thread -{ Rene Brehmer }-
Documented research indicates that on Fri, 27 Aug 2004 15:20:58 -0600,
Michael Gale wrote about "[PHP] Browser back button":

>Hello,
>
>   I am sure this has been asked more then a few times but ... I have a web site 
> where almost every page is dynamically
>created. So if at some point in the site if you hit your browsers back button a popup 
>window occurs and asks if you want
>to resubmit the data. Upon clicking yes the page is properly displayed.
>
>That is a pain in the a$$ and I get many user complaints -- so far I have thought 
>about saving the requested URL and
>query string in a session variable and loading a back button on every page.
>
>This seems to work create if the previous page can be loaded using a GET request but 
>if the previous page was loaded
>using a HTTP POST it seems I an up the creek with out a paddle :(
>
>Any one have any ideas ... 

The way I do it is urlencode the query string and then store it with a 32
character cut of a md5'ed version of the query + timestamp in the database,
then the MD5 version is used to create GET urls back and force and to
back-reference to the actual page itself to allowed for changing sort orders
on tables and such...

the links to the pages then look like
link

the script-pages then have a simple if-structure:

if (isset($_GET['query'])) {
   // load $_GET['query'] from the database and urldecode it
} elseif (isset($_POST['submitted'])) {
   // do whatever you do when form is submitted
} else {
   // dummy default to handle page load without submitted data
}

it's admittedly a little clumsy, but it was the most efficient way I could
find that allowed to store queries and pull them out later, and do it in a
way that prevented loading the URL with a get string that's too long to work
... the reason I add the timestamp is simply to prevent similar codes when
cutting them down ... sofar I've not had any problems with this...

all there is to remember is to add the right code to the links, for whether
uou're going backwards or forwards, or referencing the page itself I use
this method with great success on pages that have user-changable sort order
and and sub-queries on the fly ... 

probably a prettier way to do it, but it gets the job done...

oh, and I save a timestamp with the query, then clean them out as they pass
7 days of age ... that way it's also possible to link directly to a query,
and it prevents the database from overload on past queries...


Rene
-- 
Rene Brehmer
aka Metalbunny

If your life was a dream, would you wake up from a nightmare, dripping of sweat, 
hoping it was over? Or would you wake up happy and pleased, ready to take on the day 
with a smile?

http://metalbunny.net/
References, tools, and other useful stuff...
Check out the new Metalbunny forums at http://forums.metalbunny.net/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



RE: [PHP] Browser back button

2004-08-27 Thread Vail, Warren
I struggled with this one as well and the solution is quite simple;

1.  Every PHP module that is reached via the action field in a form where
the method is POST (most of mine are) never outputs any html except a http
redirect (it will edit values, update the database, save session data, then
does a redirect).

header("Location:.");

2.  Every PHP module that is reached via a hotlink or redirect (above) is
free to output html to the browser, acting on or displaying data from the
database, using session data, or data coded in the URL parameter list;

Mymodule.php?parm1=&parm2=&parm3=

$a = $_GET["parm1"];// like this
$b = $_GET["parm2"];
$c = $_GET["parm3"];

With these two types of modules, you can build your entire application.  I
believe the cause of this problem is that most browsers don't save "POST"
data in the history stack, when you click the back button and the browser
detects that the previous page was entered via a "POST" is knows it doesn't
have enough saved information to reconstruct the page (passed data is
missing, and complains).  I also believe the browser replaces an entry in
the history stack (i.e. your form POST) when it receives a redirect url,
effectively removing all url's that had been entered with a POST from the
history stack and replacing them with "GET" requests.

Good luck,

Warren Vail

-Original Message-
From: Michael Gale [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 27, 2004 2:21 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Browser back button


Hello,

I am sure this has been asked more then a few times but ... I have a
web site where almost every page is dynamically created. So if at some point
in the site if you hit your browsers back button a popup window occurs and
asks if you want to resubmit the data. Upon clicking yes the page is
properly displayed.

That is a pain in the a$$ and I get many user complaints -- so far I have
thought about saving the requested URL and query string in a session
variable and loading a back button on every page.

This seems to work create if the previous page can be loaded using a GET
request but if the previous page was loaded using a HTTP POST it seems I an
up the creek with out a paddle :(

Any one have any ideas ... 

Thanks ..

-- 
Michael Gale
Network Administrator
Utilitran Corporation

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Browser back button

2004-08-27 Thread Matthew Sims
> Hello,
>
>   I am sure this has been asked more then a few times but ... I have a web
> site where almost every page is dynamically
> created. So if at some point in the site if you hit your browsers back
> button a popup window occurs and asks if you want
> to resubmit the data. Upon clicking yes the page is properly displayed.
>
> That is a pain in the a$$ and I get many user complaints -- so far I have
> thought about saving the requested URL and
> query string in a session variable and loading a back button on every
> page.
>
> This seems to work create if the previous page can be loaded using a GET
> request but if the previous page was loaded
> using a HTTP POST it seems I an up the creek with out a paddle :(
>
> Any one have any ideas ...
>
> Thanks ..
>
> --
> Michael Gale

What I usually do is when requesting a new page, I check to see if there
are any $_POST data using the isset() function. If so, I assign all $_POST
data to $_SESSION vars at the top of the page. Once that's done, I do a
header redirect to the same page. That'll clear out all $_POST data and
you'll still have your vars sitting in $_SESSION.

Web page is index.php:



...webpage stuff here...

-- 
--Matthew Sims
--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Browser back button

2004-08-27 Thread Greg Donald
On Fri, 2004-08-27 at 16:20, Michael Gale wrote:
> Hello,
> 
>   I am sure this has been asked more then a few times but ... 

So why not search the archives then?  :)

> I have a web site where almost every page is dynamically
> created. So if at some point in the site if you hit your browsers back button a 
> popup window occurs and asks if you want
> to resubmit the data. Upon clicking yes the page is properly displayed.
> 
> That is a pain in the a$$ and I get many user complaints -- so far I have thought 
> about saving the requested URL and
> query string in a session variable and loading a back button on every page.
> 
> This seems to work create if the previous page can be loaded using a GET request but 
> if the previous page was loaded
> using a HTTP POST it seems I an up the creek with out a paddle :(
> 
> Any one have any ideas ... 

Some options I've used previously, some kinda yucky I admit.

1) Use the GET method.  You can send data this way as long as the url
isn't very long.  Don't forget to urlencode() if required.

2) Add a 0 second meta refresh on the POST'd-to page.  If the user hits
back they will go to your intermittent page just after the form, not the
form page itself.

3) Use a header() call to send the user to a totally new page after the
POST.


-- 
Greg Donald

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] browser back-button problem

2002-10-16 Thread Jonathan Sharp

Take an md5 of the entire file contents and store that in your form that 
get's displayed. Then test if it matches the file when you go to make 
the changes. Every time you change the file the md5 will change. See 
below...

-js

Sample script:





 

marcel wrote:
> hi there
> I am kind of a newbie to php
> so probably I am doing it all the wrong way - if - please tell me
> 
> ok heres my problem:
> the script:
> I have  a user-group-administration script (php4), that loads data from
> a textfile and then eables the admin to delete or create new user-passwords.
> the script retreives the text data from the text-file and displays the
> entrys.
> to every entry there is a delete-button, that sends the number of the entry.
> and there are formfields and a new-button that sends the new data.
> the script that is called is the same script as the one that does the
> displaying,
> e.g. depending on the sent variables the script delets or creates an entry
> then displays the new data.
> 
> the problem:
> if someone uses the back-button of his browser, the data is transferred
> again ( at
> the moment I do it with POST out of the form), and the actions are executed
> again.
> e.g. when the user created a new entry, verytime he hits the back-button
> will create
> a new - similar - entry.
> 
> How can I prevent this?
> I saw several forms, that displayed this: "form is expired" thing, if you
> used the back-button (?).
> 
> 
> thanks a lot
> marcel
> 
> 
> 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] browser back button - "Page has Expired.. " problem

2002-01-29 Thread phantom

Also consider:

header("Cache-Control: public");
header("Cache-Control: max-age=" . $this->allowcache_expire * 60);

This will allow to set the expiration of the cached file on the on the clients
browser.  The Cache Expire time is in minutes and can be found (and changed)
in the php.ini file.  Search keyword Cache in php.ini and it will be the first
thing you find.

Alex Vargas wrote:

> Just add this header
>
> header ("Cache-Control: public");
>
> Alex.
>
> - Original Message -
> From: "Lee P Reilly" <[EMAIL PROTECTED]>
> To: "PHP List" <[EMAIL PROTECTED]>
> Sent: Monday, January 28, 2002 11:26 PM
> Subject: [PHP] browser back button - "Page has Expired.. " problem
>
> > Hi,
> >
> > I wonder if anyone can offer me a few pointers..?
> >
> > I'm building a portal to do various bits and bobs. I'm using sessions to
> > facilitate the user authentication/login, etc. The only problem I have
> > is that when viewing these (.php) pages in IE once the session variable
> > has been set, a "Warning: Page has Expired " page is displayed whenever
> > the 'Back' button is pressed. This means that the user can only access
> > the page again by hitting 'Refresh' (and therefore posting the form data
> > back & executing whatever scripts again).
> >
> > The rest of IE's error message reads, "The page you requested was
> > created using information you submitted in a form. This page is no
> > longer available. As a security precaution, Internet Explorer does not
> > automatically resubmit your information for you."
> >
> > I know from using other web applications (Hotmail is one example), that
> > this doesn't always have to be the case. Is there anyway I can eliminate
> > this security precaution on the *server side* i.e. without telling users
> > to ditch IE ;-)
> >
> > Thanks very much in advance for any advice.
> >
> > - Best regards,
> >
> >Lee
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




Re: [PHP] browser back button - "Page has Expired.. " problem

2002-01-28 Thread Alex Vargas

Just add this header

header ("Cache-Control: public");

Alex.

- Original Message - 
From: "Lee P Reilly" <[EMAIL PROTECTED]>
To: "PHP List" <[EMAIL PROTECTED]>
Sent: Monday, January 28, 2002 11:26 PM
Subject: [PHP] browser back button - "Page has Expired.. " problem


> Hi,
> 
> I wonder if anyone can offer me a few pointers..?
> 
> I'm building a portal to do various bits and bobs. I'm using sessions to
> facilitate the user authentication/login, etc. The only problem I have
> is that when viewing these (.php) pages in IE once the session variable
> has been set, a "Warning: Page has Expired " page is displayed whenever
> the 'Back' button is pressed. This means that the user can only access
> the page again by hitting 'Refresh' (and therefore posting the form data
> back & executing whatever scripts again).
> 
> The rest of IE's error message reads, "The page you requested was
> created using information you submitted in a form. This page is no
> longer available. As a security precaution, Internet Explorer does not
> automatically resubmit your information for you."
> 
> I know from using other web applications (Hotmail is one example), that
> this doesn't always have to be the case. Is there anyway I can eliminate
> this security precaution on the *server side* i.e. without telling users
> to ditch IE ;-)
> 
> Thanks very much in advance for any advice.
> 
> - Best regards,
> 
>Lee
> 
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
> 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]




RE: [PHP] browser back button - "Page has Expired.. " problem

2002-01-28 Thread Darren Gamble

Good day,

By default, IE will cache these pages (i.e. you won't get this message).

If you're receiving that message, it means that the browser doesn't have a
cached version of the page.  Getting a new version would obviously mean
submitting the form information again, which IE, thankfully, doesn't
automatically do.

It may be that the IE users aren't caching their pages, or the cache is
automatically cleaned (had this happen once with users writing onto their
profile).  Or, it may be that meta tags on the page have instructed the
browser not to cache the page, or to quickly expire it.  You should check
the page source for such headers.

I know it is tempting to trash-talk IE, but in this situation, regardless of
the problem, most likely the browser is just doing what the user or web page
has instructed it to do.


Darren Gamble
Planner, Regional Services
Shaw Cablesystems GP
630 - 3rd Avenue SW
Calgary, Alberta, Canada
T2P 4L4
(403) 781-4948


-Original Message-
From: Lee P Reilly [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 28, 2002 3:27 PM
To: PHP List
Subject: [PHP] browser back button - "Page has Expired.. " problem


Hi,

I wonder if anyone can offer me a few pointers..?

I'm building a portal to do various bits and bobs. I'm using sessions to
facilitate the user authentication/login, etc. The only problem I have
is that when viewing these (.php) pages in IE once the session variable
has been set, a "Warning: Page has Expired " page is displayed whenever
the 'Back' button is pressed. This means that the user can only access
the page again by hitting 'Refresh' (and therefore posting the form data
back & executing whatever scripts again).

The rest of IE's error message reads, "The page you requested was
created using information you submitted in a form. This page is no
longer available. As a security precaution, Internet Explorer does not
automatically resubmit your information for you."

I know from using other web applications (Hotmail is one example), that
this doesn't always have to be the case. Is there anyway I can eliminate
this security precaution on the *server side* i.e. without telling users
to ditch IE ;-)

Thanks very much in advance for any advice.

- Best regards,

   Lee


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]