REPOST: Re: CGI form repost from browser--how to prevent?

Michael Ströder michael at stroeder.com
Sat Dec 29 09:08:19 EST 2001 

Andreas Kostyrka wrote:
> 
> On Tue, Dec 11, 2001 at 10:51:53AM -0800, Chris wrote:
> > I'm writing a Python cgi script that does some inserts into a mysql
> > database based on data in an html form submitted by a user.  Is there
> > any way to prevent the browser from reposting the data from the form
> > when the user hits refresh in the browser after they have submitted
> > the form?  When this happens, the script receives the same cgi form
> > data and performs the same inserts on the database.  I think maybe
> > this can be prevented by storing some state info with cookies??  Not
> > sure (have never used cookies).  Any ideas on an easy way to prevent
> > this?
> Make it a POST Method. This way a standard conforming browser has to ask
> permission from the user to repost the data.

Which doesn't prevent the user from hitting the button "Yes, resend
form". BTW: Chris already said "to prevent the browser from
reposting".

If it's crucial for the data integrity the server-side CGI-BIN part
has to cross-check the input against existing data. There's no
general solution without knowing details about the data model. Also
the [Back] button and "Open Link in New window" are things to
consider.

Ciao, Michael.

========= WAS CANCELLED BY =======:
Path: news.sol.net!spool1-nwblwi.newsops.execpc.com!newsfeeds.sol.net!news-out.visi.com!hermes.visi.com!news.maxwell.syr.edu!feeder.kornet.net!news1.kornet.net!ua4canc3ll3r
From: Michael =?iso-8859-1?Q?Str=F6der?= <michael at stroeder.com>
Newsgroups: comp.lang.python
Subject: cmsg cancel <3C2DCE53.AF5477E3 at stroeder.com>
Control: cancel <3C2DCE53.AF5477E3 at stroeder.com>
Date: Mon, 31 Dec 2001 03:15:05 GMT
Organization: A poorly-installed InterNetNews site
Lines: 2
Message-ID: <cancel.3C2DCE53.AF5477E3 at stroeder.com>
NNTP-Posting-Host: 211.57.49.2
X-Trace: news2.kornet.net 1009774764 27193 211.57.49.2 (31 Dec 2001 04:59:24 GMT)
X-Complaints-To: usenet at news2.kornet.net
NNTP-Posting-Date: Mon, 31 Dec 2001 04:59:24 +0000 (UTC)
X-No-Archive: yes
X-Unac4ncel: yes
X-Commentary: I love NewsAgent 1.10 and the Sandblaster Cancel Engine Build 74 (19 March 1999)

This message was cancelled from within Mozilla.

More information about the Python-list mailing list