Home > Article > Backend Development > ThinkPHP method to prevent repeated submission of forms_PHP tutorial
However, there is one situation that cannot be prevented:
After the user submits the form, click the browser's back button to return to the form page. At this time, the browser will directly retrieve the page from the cache, so the token verification must fail.
There are many ways to circumvent this problem on the Internet, such as using the location.replace() method to replace the current history record, but this still has flaws. In extreme cases, if the user switches between pages multiple times, clicking the back button several times may return to the previous form page.
The solution is to set Cache-Control: no-cache, no-store in the http header. However, I tried either adding in the page head or outputting header("Cache-control: no- cache, no-store") are invalid.
After searching for a long time, I found that the problem lies in ThinkPHP’s template rendering mechanism. Open ThinkPHP/Lib/Think/Core/View.class.php and look at line 173
header( "Cache-control: private" ); //支持页面回跳
|
It turns out that in order to support page bounce, TP is forced to send a Cache-control: private header before each template is output. This is really a waste of help.
Comment out this line, delete the TP core cache, try again, and find that the HTTP response header has been successfully changed