0

I'm using this script for login on a site in development: http://www.php-login.net/

I'm using the simple login, like so:

 require_once("config/db.php");

 // load the login class
 require_once("classes/Login.php");

 // create a login object.
 $login = new Login();

// ... ask if we are logged in here:
if ($login->isUserLoggedIn() == true) {    



$userid = $_SESSION['user_id'];



$time = Users::getData($userid);

include("views/logged_in.php");    
} else {
// the user is not logged in...
include("views/not_logged_in.php");
}

The script saves the login id in a session which I then use as a parameter in my function getData. This works fine, the problem is when I a) refressh the page b) navigate with whe forward/backward buttons in the browser.

I keep getting the "confirm resending form..." message pop up, which of course is not very user friendly.

How can I avoid this?

user1009453
  • 707
  • 2
  • 11
  • 28
  • Duplicate of [Stop browsers asking to resend form data on refresh?](http://stackoverflow.com/questions/4327236/stop-browsers-asking-to-resend-form-data-on-refresh) and [this](http://stackoverflow.com/questions/8882808/avoid-resending-forms-on-php-pages), and [this](http://stackoverflow.com/questions/660329/prevent-back-button-from-showing-post-confirmation-alert), and [this](http://stackoverflow.com/questions/2666882/how-to-avoid-resending-data-on-refresh-in-php) and … – Quentin Nov 08 '13 at 09:16

1 Answers1

1

You have to use header and redirect site after posting form.

This is happening if user log in, and right after logging in he clicks to logout. Then when you press back button in the browser, there is sending form with $_POST data of his logging and the browser asks you if you want to send that form again.

Use this solution to avoid sending form again (when back button is clicked or F5 (refresh) is pressed):

When you process form with login data, do redirect to the same page, or to home page (its on you). Use

header("HTTP/1.1 302 Found");
header('Location: '.$url_to_redirect);

Then, when he clicks back button, or refresh page, it will not send again login data, so it will not process login again.

Legionar
  • 7,472
  • 2
  • 41
  • 70
  • Hi, thank's for responding. No, this does not happend only in this scenario. I happens every time I refresh the page, wheter i just logged in or if I've been logged in for a while. But maybe you solution works anyway, will try this right away. – user1009453 Nov 08 '13 at 09:24
  • Yes, I just wrote you an example. You have to use `header('Location: '.$url_to_redirect);` after sending form, then it will not ask for confirmation of resending form. – Legionar Nov 08 '13 at 09:32