Thinkphp tips to prevent repeated form submissions

During development, if a form is added or modified, after completing the database operation in the background, we set it not to jump to other pages, or to return to this page. At this time, click the browser's back button before submitting or refreshing the page. , will cause the form to be submitted repeatedly, that is, this record will be added or modified twice.

The reason that causes the form to be submitted repeatedly is that the form submitted for the first time will be cached in the memory until the page is submitted next time or the page is closed or redirected to other pages. disappear. When the self-call returns, the data in the memory is still there. At this time, the submitted code in the page can still detect the submitted value, which will cause the effect of repeated submission.

You can use the following methods to solve it:

Method 1: The simplest: After the page is submitted, go to another page instead of this page. For example, for example, your page address is

http://yourdomain.com/User/Index/login

Then the form action address of the page can be another processing address, such as

<form action="{:U(&#39;User/Index/check_login&#39;)}" method="post">

An error is returned like this, or the user clicks the back button and will still return to the previous address, but this The situation is not safe either. It is also necessary to match method 2 to be safer together

Method 2: After submitting the form, the submit button turns gray/hides the submit button

This method is usually combined with method 1 and is done through JS Dynamically monitor the user's click action, and dynamically set the button attribute to disabeled, which means it is gray and unavailable. The code is as follows:

HTML:

<form action="{:U(&#39;User/Index/check_login&#39;)}" method="post">
   
   
   

JS:

$().ready(function(){
     $("#login_btn").on('click',function(){
            $(this).attr('disabled',true);
      });
});

Method 1 Method 2 After combining, basically more than 90% of repeated submission problems can be solved, but Da Liu Here is the third method, which is to solve this problem once and for all on the server side

Method 3: Use the method of hiding random TOKEN values ​​to make repeated submission judgments

First of all, in the project Add the following method to functions.php

//创建TOKEN
function createToken() {
   $code = chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) .chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) . chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE));
   session('TOKEN', authcode($code));
}
//判断TOKEN
function checkToken($token) {
    if ($token == session('TOKEN')) {
       session('TOKEN', NULL);
       return TRUE;
    } else {
      return FALSE;
    }
}
/* 加密TOKEN */
function authcode($str) {
    $key = "YOURKEY";
    $str = substr(md5($str), 8, 10);
    return md5($key . $str);
}

Fill in the following HTML code in the form page form

HTML:

<input type="hidden" name="TOKEN" value="{:session(&#39;TOKEN&#39;)}" />

Call the creatToken() method to generate the token before the page is displayed , use checkToken() in the corresponding controller POST request to determine whether to submit repeatedly

if(IS_POST)
{
$post_token = I('post.TOKEN');
  if(!checkToken($post_token)){
      $this->error('请不要重复提交页面',U('User/Index/login'));
  }
}

Basically, these three methods can be used together to solve the problem of repeated submission of forms in ThinkPHP development. Of course, some students It is said that ThinkPHP's token ring mechanism can be used, which is actually simpler. TP will generate a hidden field in the form by default. At that time, it can be judged whether the hidden field exists and whether it matches the value in the session. The principle is the same. Method 3 is the same.

Recommended tutorial: thinkphp tutorial

The above is the detailed content of Thinkphp tips to prevent repeated form submissions. For more information, please follow other related articles on the PHP Chinese website!