Forum Moderators: coopster
I have a form that gets filled out, and uses PHP_SELF as its action so it can determine a valid email address has been put into the field (that's the only field in the form - email only). Currently, it checks to be sure it's written correctly - and if it's invalid, and error message pops up and tell the user to try again. If it's fine, the form will submit to a third-party databse. That third party database redirects back to my form with all fields cleared.
My issue is this: my client wants a "thank you" message to appear, and/or have the form disabled so that, when the end user is returned to the page, the form will not re-submit. (Either on purpose in trying to spam it, or by accident, not realizing that the form was already submitted). Now, since the third-party database is actually processing the form information, the PHP script doesn't really activate and can't generate the "thank you" message I want.
It was suggested that I use sessions to add something ( a cookie, maybe?) to the form. I tried doing it, but now, if the end user clicks the "submit" button by accident (therefore sending an empty field) the PHP reads it as invalid input, and returns the user to the page to try again. However, the session has now disabled the form, and they can't re-enter the valid info. Agh!
I'm at a loss. Would anyone have any suggestions for me? It would be greatly appreciated.
Here's the code I have so far:
<?php
// Saving the page header in the variable $head.
$head = <<<ENDH
<html>
<body>
ENDH;
// Saving the page footer in the variable $tail.
$tail = <<<ENDT
</body>
</html>
ENDT;
// Set up variables that will be saved in the cookies
// Define unique cookie prefix
$ID = "My_ID";
// Cookie lifetime in seconds (in this example, three days)
$cookie_life = 3000;
// Name of cookie that holds the user's email
$n_email = $ID . "_email";
// Name of cookie that holds the user's last login
$n_last = $ID . "_last";
// These lines print the form with user input and sends to the submit form
if( isset($email)) {
Setcookie($n_last,Date("H:i d/m/Y"),time()+$cookie_life);
print $head;
?>
<script type="text/javascript">setTimeout('document.newsletter.submit();',500);</script>
This is the page that submits to the database...
<formmethod="post"
name="newsletter"
action="testformRETURN.php">
<table border="0"><tr><td>
<b>Email: </b>
</td><td>
<input type="text" name="email" size="30" value="<?php echo $email?>" />
</td></tr>
<tr><td colspan="2" style="text-align:center;">
<input type="hidden" name="action" value="submit" />
<input class="button" type="submit" value="Submit" />
</td></tr>
</table>
</form>
<?php
// Print end and leave
print $tail;
exit();
}
// This loop treats users who have not been to the site before.
if(!$$n_last) {
if(! isset($email)) { // if no name - display the form
echo $head;
isset($_POST['action'])? $action = $_POST['action'] : $action = '';
isset($_POST['emailerror'])? $emailerror = $_POST['emailerror'] : $emailerror = '';
isset($_POST['send'])? $send = $_POST['send'] : $send = '';
if ($action == "submit"){
if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{¦}~]+'.'@' .'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{¦}~]+\.'.'[-!#$%&\'*+\\ ./0-9=?A-Z^_`a-z{¦}~]+$', $email) ¦¦ ereg("'", $email)) {
$emailerror = "1";
print "Your <b>email</b> is invalid. Please check it and re-enter.";
exit;
}
}
?>
<formmethod="post"
action="<? echo $PHP_SELF?>">
<table border="0"><tr><td>
<b <? if ($emailerror!= "")?> >Email: </b>
</td><td>
<input type="text" name="email" size="30" value="<?php echo $email?>" />
</td></tr>
<tr><td colspan="2" style="text-align:center;">
<input type="hidden" name="action" value="submit" />
<input class="button" type="submit" value="Submit" />
</td></tr>
</table>
</form>
<?php
echo $tail;
exit;
} else {
// Set cookies and continue
Setcookie($n_email,$email,time()+$cookie_life);
$$n_email = $email;
}
}
// This loop treats repeat users.
Setcookie($n_last,Date("H:i d/m/Y"),time()+$cookie_life);
echo $head;
?>
Thanks for your submission!
Any help would be appreciated :)
[edited by: ergophobe at 6:07 pm (utc) on Nov. 3, 2005]
[edit reason] fixed sidescroll [/edit]
<?php
$success = 0;
$error = 0;
if ($_POST)
{
if (email is OK) // use your 'ereg' code here
{
setcookie('email_submitted', 1, time() + (30*24*3600), '/'); // 1 month
$success = 1;
?>
HTML: send to database with your js code here
<?php
}
else
{
$error = 1;
}
}
?>
HTML: render header
<?php
if ($_COOKIE['email_submitted'] and!$success)
{
# user already have their "thank you" in this session
say "you again? :( go away!" // no form for this user
}
else if (!$_POST or $error)
{
if ($error)
{
# consecutives attempts
say "please try again"
}
else
{
# first attempt
say "welcome, input email"
}
# always render same form only change the message above
?>
HTML: render the form
<?php
}
else
{
# user _POST without error
say "thank you dear user :) we are in peace (for now)"
}
?>
HTML: render footer
$_SESSION is not appropriate. cookies are for this.
what do you think doodlebee?
Now everything's working - sort of. The cookie is being set as it should, variables are passing like they should and error messages (in regards to the validation) are coming up as they should.
*However*...even though the cookie is being set correctly, it's not stopping the resubmission of data. I *know* where the issue is, but I can't figure out what I'm writing wrong to make it not function.
Here's the code for the important part:
//If you have never been here before...
if(!$$n_last) {
//and there is no email trying to be passed through the form...
if(! isset($email)) {
//then include the form layout and exit the script.
include ("index.shtml");
exit;
// But if there *is* an email trying to pass through
} else {
// Then set a cookie based on the email address setcookie($n_email,$email,time()+$cookie_life);
$$n_email = $email;
}
The above section is working just fine. But I'm having issues with the next section:
}
// If you *have* been here before...
if($$n_last) {
// But you're not trying to set an email address, then you're probably returning from what you just submitted...
if(! isset($email)) {
//so I want to show a "thank you" message...
$cookieerror = "2";
//But not allow the user to resubmit anything.
$send = "no";
//But if you *are* trying to submit an email address..
} else {
//Display the "you've already sent stuff" message
$cookieerror = "1";
//and you're still denied in sending anything.
$send = "no";
}
}
..at least that what I *think* I'm doing in that last section. The variable $$n_last - I don't know if I should change that to $$n_email or not. It seems to work either way...so I guess I *could* remove the $$n_last and not worry about anything.
However, at the very top of my script, I have this:
if($action!="submit"){
include ("index.shtml");
exit;
}
So that if a user is visiting the page for the first time, it basically shows the page - I'm wondering if this is screwing up the "if(!$$n_last)" thing - which basically does the exact same thing.
Anyone have any ideas? Maybe I need to show the full code? I'd appreciate any help!
In short:
For avoid resubmitting you must use something like this:
header ('location: page you want');
exit;
inmediatly after POST (in same request) -> if user reload page, the form is not submit again.
you got it?
try it and tell me...
