PHP anti-shake and anti-duplicate submission: improve system security and usability

PHP anti-shake and anti-duplicate submission: to improve the security and usability of the system, specific code examples are needed

Introduction:
With the development of the Internet, more and more More and more systems adopt Web front-end development technology, among which PHP, as a very popular back-end development language, is widely used in various Web applications. However, in actual development, we often encounter a problem: users frequently click the submit button, causing the system to be blocked or repeated submissions occur, thus affecting the security and availability of the system. In order to solve this problem, this article will introduce the methods of anti-shaking and anti-resubmission in PHP, and provide specific code examples.

1. What is anti-shake and anti-repeated submission

1. Anti-shake
   Anti-shake refers to delaying the execution of the corresponding code for a period of time after the user triggers an event. If the user triggers the event again within this period, the timer is reset and timing starts again until the user stops triggering and executes the code after the last trigger. Anti-shake can effectively prevent users from triggering the same event frequently, causing system congestion.
2. Anti-repeated submission
   Anti-repeated submission means that after the user submits a form or performs an important operation, the system effectively judges the user's operation. If the user repeatedly submits the same form or performs the same operation Operations are intercepted to prevent repeated insertion of data or repeated execution of operations.

2. How to implement anti-shake and anti-resubmit accomplish. The following is a simple code example to implement anti-shake:

// 定义一个全局的定时器变量
var timer = null;

function debounce(func, delay) {
    // 清除上一次的定时器
    if (timer) {
        clearTimeout(timer);
    }
    // 创建一个新的定时器
    timer = setTimeout(func, delay);
}

// 使用防抖函数，在用户输入文本框后1秒钟后才触发输入事件
var input = document.getElementById('input');
input.addEventListener('input', function() {
    debounce(function() {
        // 执行输入事件的处理函数
    }, 1000);
});

1. 
   Anti-repeated submission implementation method
The implementation method of anti-repetition submission needs to be processed on the server side, a commonly used The method is to use Token to verify whether the submission is repeated. The specific implementation process is as follows:

// 生成一个唯一的Token，并将其保存在Session中
function generateToken() {
    $token = md5(uniqid(rand(), true));
    $_SESSION['token'] = $token;
    return $token;
}

// 判断提交的Token是否有效
function isTokenValid($token) {
    if (isset($_SESSION['token']) && $token === $_SESSION['token']) {
        unset($_SESSION['token']);
        return true;
    }
    return false;
}

// 在表单中添加一个隐含的Token字段
function addTokenToForm() {
    $token = generateToken();
    echo '<input type="hidden" name="token" value="'.$token.'">';
}

// 在服务器端验证Token
function validateToken() {
    if (!empty($_POST['token']) && isTokenValid($_POST['token'])) {
        // 执行表单提交的操作
    } else {
        // Token无效，返回错误信息
    }
}

// 在页面中添加表单，并添加Token字段
echo '<form action="submit.php" method="post">';
addTokenToForm();
// 添加其他表单字段
echo '<input type="submit" name="submit" value="提交">';
echo '</form>';

// 在表单提交的处理页面中验证Token
validateToken();

2. 3. Summary
   Through the implementation method of anti-shaking and anti-repetition submission, the security and usability of the system can be effectively improved. In actual development, different anti-shake and anti-resubmission methods can be selected according to different needs, and implemented through specific code examples. Through this improvement in security and usability, the normal operation of the system and a good user experience can be better ensured.

The above is the detailed content of PHP anti-shake and anti-duplicate submission: improve system security and usability. For more information, please follow other related articles on the PHP Chinese website!