Home >Backend Development >PHP Tutorial >ThinkPHP method to prevent repeated submission of forms_PHP tutorial

ThinkPHP method to prevent repeated submission of forms_PHP tutorial

WBOY
WBOYOriginal
2016-07-21 15:25:01911browse

However, there is one situation that cannot be prevented:

After the user submits the form, click the browser's back button to return to the form page. At this time, the browser will directly retrieve the page from the cache, so the token verification must fail.

There are many ways to circumvent this problem on the Internet, such as using the location.replace() method to replace the current history record, but this still has flaws. In extreme cases, if the user switches between pages multiple times, clicking the back button several times may return to the previous form page.

The solution is to set Cache-Control: no-cache, no-store in the http header. However, I tried either adding in the page head or outputting header("Cache-control: no- cache, no-store") are invalid.

ThinkPHP method to prevent repeated submission of forms_PHP tutorial

After searching for a long time, I found that the problem lies in ThinkPHP’s template rendering mechanism. Open ThinkPHP/Lib/Think/Core/View.class.php and look at line 173

header("Cache-control: private");  //支持页面回跳

It turns out that in order to support page bounce, TP is forced to send a Cache-control: private header before each template is output. This is really a waste of help.

Comment out this line, delete the TP core cache, try again, and find that the HTTP response header has been successfully changed

ThinkPHP method to prevent repeated submission of forms_PHP tutorial

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/324205.htmlTechArticleHowever, there is a situation that cannot be prevented: after the user submits the form, click the browser back button to return to the form page. At this time, the browser will fetch the page directly from the cache, so...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn