Re: [PHP] Browser back button
Documented research indicates that on Fri, 27 Aug 2004 15:20:58 -0600, Michael Gale wrote about [PHP] Browser back button: Hello, I am sure this has been asked more then a few times but ... I have a web site where almost every page is dynamically created. So if at some point in the site if you hit your browsers back button a popup window occurs and asks if you want to resubmit the data. Upon clicking yes the page is properly displayed. That is a pain in the a$$ and I get many user complaints -- so far I have thought about saving the requested URL and query string in a session variable and loading a back button on every page. This seems to work create if the previous page can be loaded using a GET request but if the previous page was loaded using a HTTP POST it seems I an up the creek with out a paddle :( Any one have any ideas ... The way I do it is urlencode the query string and then store it with a 32 character cut of a md5'ed version of the query + timestamp in the database, then the MD5 version is used to create GET urls back and force and to back-reference to the actual page itself to allowed for changing sort orders on tables and such... the links to the pages then look like a href=page.php?query=a4545f454dg454link/a the script-pages then have a simple if-structure: if (isset($_GET['query'])) { // load $_GET['query'] from the database and urldecode it } elseif (isset($_POST['submitted'])) { // do whatever you do when form is submitted } else { // dummy default to handle page load without submitted data } it's admittedly a little clumsy, but it was the most efficient way I could find that allowed to store queries and pull them out later, and do it in a way that prevented loading the URL with a get string that's too long to work ... the reason I add the timestamp is simply to prevent similar codes when cutting them down ... sofar I've not had any problems with this... all there is to remember is to add the right code to the links, for whether uou're going backwards or forwards, or referencing the page itself I use this method with great success on pages that have user-changable sort order and and sub-queries on the fly ... probably a prettier way to do it, but it gets the job done... oh, and I save a timestamp with the query, then clean them out as they pass 7 days of age ... that way it's also possible to link directly to a query, and it prevents the database from overload on past queries... Rene -- Rene Brehmer aka Metalbunny If your life was a dream, would you wake up from a nightmare, dripping of sweat, hoping it was over? Or would you wake up happy and pleased, ready to take on the day with a smile? http://metalbunny.net/ References, tools, and other useful stuff... Check out the new Metalbunny forums at http://forums.metalbunny.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Browser back button
On Fri, 2004-08-27 at 16:20, Michael Gale wrote: Hello, I am sure this has been asked more then a few times but ... So why not search the archives then? :) I have a web site where almost every page is dynamically created. So if at some point in the site if you hit your browsers back button a popup window occurs and asks if you want to resubmit the data. Upon clicking yes the page is properly displayed. That is a pain in the a$$ and I get many user complaints -- so far I have thought about saving the requested URL and query string in a session variable and loading a back button on every page. This seems to work create if the previous page can be loaded using a GET request but if the previous page was loaded using a HTTP POST it seems I an up the creek with out a paddle :( Any one have any ideas ... Some options I've used previously, some kinda yucky I admit. 1) Use the GET method. You can send data this way as long as the url isn't very long. Don't forget to urlencode() if required. 2) Add a 0 second meta refresh on the POST'd-to page. If the user hits back they will go to your intermittent page just after the form, not the form page itself. 3) Use a header() call to send the user to a totally new page after the POST. -- Greg Donald -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Browser back button
Hello, I am sure this has been asked more then a few times but ... I have a web site where almost every page is dynamically created. So if at some point in the site if you hit your browsers back button a popup window occurs and asks if you want to resubmit the data. Upon clicking yes the page is properly displayed. That is a pain in the a$$ and I get many user complaints -- so far I have thought about saving the requested URL and query string in a session variable and loading a back button on every page. This seems to work create if the previous page can be loaded using a GET request but if the previous page was loaded using a HTTP POST it seems I an up the creek with out a paddle :( Any one have any ideas ... Thanks .. -- Michael Gale What I usually do is when requesting a new page, I check to see if there are any $_POST data using the isset() function. If so, I assign all $_POST data to $_SESSION vars at the top of the page. Once that's done, I do a header redirect to the same page. That'll clear out all $_POST data and you'll still have your vars sitting in $_SESSION. Web page is index.php: ?php sesson_start; if (isset($_POST[var])) { $_SESSION[var] = $_POST[var]; header(Location: index.php); } ? ...webpage stuff here... -- --Matthew Sims --http://killermookie.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Browser back button
I struggled with this one as well and the solution is quite simple; 1. Every PHP module that is reached via the action field in a form where the method is POST (most of mine are) never outputs any html except a http redirect (it will edit values, update the database, save session data, then does a redirect). header(Location:.); 2. Every PHP module that is reached via a hotlink or redirect (above) is free to output html to the browser, acting on or displaying data from the database, using session data, or data coded in the URL parameter list; Mymodule.php?parm1=parm2=parm3= $a = $_GET[parm1];// like this $b = $_GET[parm2]; $c = $_GET[parm3]; With these two types of modules, you can build your entire application. I believe the cause of this problem is that most browsers don't save POST data in the history stack, when you click the back button and the browser detects that the previous page was entered via a POST is knows it doesn't have enough saved information to reconstruct the page (passed data is missing, and complains). I also believe the browser replaces an entry in the history stack (i.e. your form POST) when it receives a redirect url, effectively removing all url's that had been entered with a POST from the history stack and replacing them with GET requests. Good luck, Warren Vail -Original Message- From: Michael Gale [mailto:[EMAIL PROTECTED] Sent: Friday, August 27, 2004 2:21 PM To: [EMAIL PROTECTED] Subject: [PHP] Browser back button Hello, I am sure this has been asked more then a few times but ... I have a web site where almost every page is dynamically created. So if at some point in the site if you hit your browsers back button a popup window occurs and asks if you want to resubmit the data. Upon clicking yes the page is properly displayed. That is a pain in the a$$ and I get many user complaints -- so far I have thought about saving the requested URL and query string in a session variable and loading a back button on every page. This seems to work create if the previous page can be loaded using a GET request but if the previous page was loaded using a HTTP POST it seems I an up the creek with out a paddle :( Any one have any ideas ... Thanks .. -- Michael Gale Network Administrator Utilitran Corporation -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] browser back-button problem
Take an md5 of the entire file contents and store that in your form that get's displayed. Then test if it matches the file when you go to make the changes. Every time you change the file the md5 will change. See below... -js Sample script: ? $file = file('/your/text/file.txt'); if ( $_POST['doSomething'] ) { // Make sure it's the same file: if ( md5( implode('', $theFile) ) == $_POST['checksum'] ) { // Code to change the file (add/delete etc) } else { echo File has been changed, aborting modifications.; } } else { // Just show the file ? form... input type=hidden name=checksum value=?=md5( implode('', $theFile))? input type=submit name=doSomething value=Do something /form ? } ? marcel wrote: hi there I am kind of a newbie to php so probably I am doing it all the wrong way - if - please tell me ok heres my problem: the script: I have a user-group-administration script (php4), that loads data from a textfile and then eables the admin to delete or create new user-passwords. the script retreives the text data from the text-file and displays the entrys. to every entry there is a delete-button, that sends the number of the entry. and there are formfields and a new-button that sends the new data. the script that is called is the same script as the one that does the displaying, e.g. depending on the sent variables the script delets or creates an entry then displays the new data. the problem: if someone uses the back-button of his browser, the data is transferred again ( at the moment I do it with POST out of the form), and the actions are executed again. e.g. when the user created a new entry, verytime he hits the back-button will create a new - similar - entry. How can I prevent this? I saw several forms, that displayed this: form is expired thing, if you used the back-button (?). thanks a lot marcel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] browser back button - Page has Expired.. problem
Also consider: header(Cache-Control: public); header(Cache-Control: max-age= . $this-allowcache_expire * 60); This will allow to set the expiration of the cached file on the on the clients browser. The Cache Expire time is in minutes and can be found (and changed) in the php.ini file. Search keyword Cache in php.ini and it will be the first thing you find. Alex Vargas wrote: Just add this header header (Cache-Control: public); Alex. - Original Message - From: Lee P Reilly [EMAIL PROTECTED] To: PHP List [EMAIL PROTECTED] Sent: Monday, January 28, 2002 11:26 PM Subject: [PHP] browser back button - Page has Expired.. problem Hi, I wonder if anyone can offer me a few pointers..? I'm building a portal to do various bits and bobs. I'm using sessions to facilitate the user authentication/login, etc. The only problem I have is that when viewing these (.php) pages in IE once the session variable has been set, a Warning: Page has Expired page is displayed whenever the 'Back' button is pressed. This means that the user can only access the page again by hitting 'Refresh' (and therefore posting the form data back executing whatever scripts again). The rest of IE's error message reads, The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you. I know from using other web applications (Hotmail is one example), that this doesn't always have to be the case. Is there anyway I can eliminate this security precaution on the *server side* i.e. without telling users to ditch IE ;-) Thanks very much in advance for any advice. - Best regards, Lee -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] browser back button - Page has Expired.. problem
Good day, By default, IE will cache these pages (i.e. you won't get this message). If you're receiving that message, it means that the browser doesn't have a cached version of the page. Getting a new version would obviously mean submitting the form information again, which IE, thankfully, doesn't automatically do. It may be that the IE users aren't caching their pages, or the cache is automatically cleaned (had this happen once with users writing onto their profile). Or, it may be that meta tags on the page have instructed the browser not to cache the page, or to quickly expire it. You should check the page source for such headers. I know it is tempting to trash-talk IE, but in this situation, regardless of the problem, most likely the browser is just doing what the user or web page has instructed it to do. Darren Gamble Planner, Regional Services Shaw Cablesystems GP 630 - 3rd Avenue SW Calgary, Alberta, Canada T2P 4L4 (403) 781-4948 -Original Message- From: Lee P Reilly [mailto:[EMAIL PROTECTED]] Sent: Monday, January 28, 2002 3:27 PM To: PHP List Subject: [PHP] browser back button - Page has Expired.. problem Hi, I wonder if anyone can offer me a few pointers..? I'm building a portal to do various bits and bobs. I'm using sessions to facilitate the user authentication/login, etc. The only problem I have is that when viewing these (.php) pages in IE once the session variable has been set, a Warning: Page has Expired page is displayed whenever the 'Back' button is pressed. This means that the user can only access the page again by hitting 'Refresh' (and therefore posting the form data back executing whatever scripts again). The rest of IE's error message reads, The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you. I know from using other web applications (Hotmail is one example), that this doesn't always have to be the case. Is there anyway I can eliminate this security precaution on the *server side* i.e. without telling users to ditch IE ;-) Thanks very much in advance for any advice. - Best regards, Lee -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] browser back button - Page has Expired.. problem
Just add this header header (Cache-Control: public); Alex. - Original Message - From: Lee P Reilly [EMAIL PROTECTED] To: PHP List [EMAIL PROTECTED] Sent: Monday, January 28, 2002 11:26 PM Subject: [PHP] browser back button - Page has Expired.. problem Hi, I wonder if anyone can offer me a few pointers..? I'm building a portal to do various bits and bobs. I'm using sessions to facilitate the user authentication/login, etc. The only problem I have is that when viewing these (.php) pages in IE once the session variable has been set, a Warning: Page has Expired page is displayed whenever the 'Back' button is pressed. This means that the user can only access the page again by hitting 'Refresh' (and therefore posting the form data back executing whatever scripts again). The rest of IE's error message reads, The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you. I know from using other web applications (Hotmail is one example), that this doesn't always have to be the case. Is there anyway I can eliminate this security precaution on the *server side* i.e. without telling users to ditch IE ;-) Thanks very much in advance for any advice. - Best regards, Lee -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]