The F5 key still saves to base

I made a page from which, through the form, the data is stored in the database after clicking on the submit button. To receive data from the form, I wrote, as expected, the code of the following meaning: “if the submit button was pressed, then accept the data for processing and saving in the database.”

But what I get is when I hit the submit button, the data is saved as it should be, but then I press F5 to reload the page and the same data is saved again. And I don’t need it! Help me figure out what’s going on…

<?php
if (isset($_GET['save'])) {
    if (empty($_GET['title'])) {
        echo "Введите название";
    }
    elseif (empty($_GET['description'])) {
        echo "Введите описание";
    } elseif (empty($_GET['content'])) {
        echo "Введите содержимое";
    } else {
        $title       = $_GET['title'];
        $description = $_GET['description'];
        $img_path    = $_GET['img_path'];
        $content     = $_GET['content'];
        $date        = date("Y-m-d");
        $query       = "Insert Into news (title,description,img_path,date,content) Values ('$title','$description','$img_path','$date','$content')";
        $result      = mysql_query($query);
        if ($result == true) {
            echo "Вы успешно добавили новую новост!";
        } else {
            echo "Непредвиденная ошибка!";
        }
    }
}
?>

<form action="" method="get">
    <p>
        <label>название:</label>
        <input type="text" name="title" id="title" class="auto-focus"
        />
    </p>
    <p>
        <label>Описание:</label>
        <input type="text" name="description" id="description"
        class="auto-hint" />
    </p>
    <p>
        <label>Путь к Images:</label>
        <input name="img_path" type="file" />
    </p>
    <p>
        <label>Дата :</label>
        <input name="date" type="datetime-local" />
    </p>
    <p>
        <label for="message">Содержимое:</label>
        <textarea cols="80" rows="4" id="message" name="content"
        class="auto-hint"></textarea>
    </p>
    <p>
        <button type="submit" name="save">Сохранить</button>
    </p>
</form>

Answer 1, authority 100%

Pay attention to the page lifecycle:

When you load a page, it’s just rendered first.

When the form’s submit button is clicked, the form is loaded a second time. In this case, the data is written directly to the URL, because GETsend method selected.

So when you press F5, you navigate again to URL, which already has the data from the form. Naturally, your code immediately saves them to the database properly)


Answer 2

It is ideal to write a system of 3 requests.

  1. Displaying the form
  2. Trying to save data
  3. If it was possible to save the redirect to the 3rd request, if it did not work out (there are errors) to 1.

something like this…

And in general, your code is not very reliable!

Of your variables on isset, only saveis checked, i.e., if no other variables are found, then there will be warningand not a safe request to the database!

Use mysql_real_escape_stringand cast (I write specifically for this occasion).

Leave a reply

Please enter your comment!
Please enter your name here