Autor Thema: Good practice: HTTP post request  (Gelesen 204 mal)

oliver

  • Gast
Good practice: HTTP post request
« am: 29. April 2011, 20:52:58 »
(info for developers)

Hi,

when submitting an HTTP post form like "editcache.php", the post URL is "editcache.php" without the site identifier like "?cacheid=...".

When the user refreshes the browser view, the POST data is uploaded again. This causes serveral problems, because the request is processed twice.

In the past the following solution worked well:
After processing the POST-data in PHP, dont show the HTML page.
Instead, do an $tpl->redirect() to the site with site identifier.

Example:
User clicks "edit cache" => links to editcache.php?cacheid=1234
User submits the form => post to editcache.php
Server saves the changes and redirects to "editcache.php?cacheid=1234"

Now, the user is able to refresh the browser view, save the site in favorites list etc.

When resubmission causes serious problems, like newcache.php, an addtional locking mechanism should be implemented. To prevent duplicate submission. E.g. "one time code in hidden html-input".


Kind regards,

Oliver