Example Analysis of ThinkPHP Method to Prevent Repeated Form Submission

This paper summarizes and analyzes the methods of ThinkPHP to prevent repeated submission of forms. Share it for your reference, as follows:

Why are there pits where forms repeat

In the development, if a new or modified form is not set to jump to other pages or return to this page after completing the database operation in the background, clicking back of the browser to submit or refresh the page will lead to repeated submission of form form, that is, this record will be added or modified twice.

A form is submitted repeatedly because the form submitted for the first time is cached in memory and does not disappear until the next page is submitted or when the page closes or moves to another page. When the self-call returns, the data in the memory is still there, and the submitted code in the page can still detect the submitted value, which will produce the effect of repeated submission.

How to solve it?

To summarize the online solutions and your own tests, you can use the following methods:

Method 1: The easiest: Submit the page and go to another page instead of this page. Take chestnuts, for example, your page address is

http://yourdomain.com/User/Index/login

The form action address of the page can be another processing address, such as

<form action="{:U('User/Index/check_login')}" method="post">

If you report an error in this way, or if the user clicks the Back button, you will still return to the previous address, but this situation is not safe. It is also necessary to match methods 2 and 1 to compare insurance

Method 2: The Submit button grays out/hides the Submit button after submitting the form

This way 1 is generally combined with method 1, which dynamically monitors the user's click action through JS, and dynamically sets the button attribute to disabeld, which is gray and unavailable. The code is as follows:

HTML:

<form action="{:U('User/Index/check_login')}" method="post">
  <input type="text" name="username" value="" id="username" />
  <input type="password" name="userpwd" id="userpwd" />
  <input type="submit" name="login_btn" id="login_btn" value=" Landing "/>
</form>

JS:

$().ready(function(){
   $("#login_btn").on('click',function(){
      $(this).attr('disabled',true);
   });
});

After the combination of Method 1 + Method 2, basically more than 90% of the repeated submission problems can be solved, but Da Liu still wants to talk about the third method here, that is, to solve this problem in Server 1

Method 3: Use the method of hiding random TOKEN value to judge repeated submission

First, add the following method to the project's functions. php

// Create TOKEN
function createToken() {
  $code = chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) .    chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE)) . chr(mt_rand(0xB0, 0xF7)) . chr(mt_rand(0xA1, 0xFE));
  session('TOKEN', authcode($code));
}
// Judge TOKEN
function checkToken($token) {
  if ($token == session('TOKEN')) {
    session('TOKEN', NULL);
    return TRUE;
  } else {
   return FALSE;
  }
}
/*  Encryption TOKEN */
function authcode($str) {
  $key = "YOURKEY";
  $str = substr(md5($str), 8, 10);
  return md5($key . $str);
}

Fill in the following HTML code on the form page form

HTML:

<input type="hidden" name="TOKEN" value="{:session('TOKEN')}" />

Called before the page is displayed creatToken() Method to generate token, which is used in the corresponding controller POST request checkToken() Determine whether to submit repeatedly

if(IS_POST)
{
$post_token = I('post.TOKEN');
 if(!checkToken($post_token)){
   $this->error(' Please do not submit the page repeatedly ',U('User/Index/login'));
 }
}

Basically, these three methods can solve the problem of repeated submission of forms in ThinkPHP development. Of course, some students said that the token ring mechanism of ThinkPHP can be used, which is actually simpler. TP will generate a hidden field in the form by default, and then judge whether this hidden field exists and whether the value in session is desirable. The principle and method 3 are the same.

PS: Today, the content was finally sent out with the markdown editor of the simplified book. Sure enough, the grammar of markdown is not covered, and the whole typesetting is refreshing, which is good.

For more readers interested in thinkPHP related contents, please check the topics of this site: "ThinkPHP Introduction Tutorial", "thinkPHP Template Operation Skills Summary", "ThinkPHP Common Methods Summary", "codeigniter Introduction Tutorial", "CI (CodeIgniter) Framework Advanced Tutorial", "Zend FrameWork Framework Introduction Tutorial" and "PHP Template Technology Summary".

I hope this article is helpful to the PHP programming based on ThinkPHP framework.