CGI form repost from browser--how to prevent?
Paul Boddie
paul at boddie.net
Wed Dec 12 05:53:51 EST 2001
bit_bucket5 at hotmail.com (Chris) wrote in message news:<fa7108b0.0112111051.3a9585c5 at posting.google.com>...
> I'm writing a Python cgi script that does some inserts into a mysql
> database based on data in an html form submitted by a user. Is there
> any way to prevent the browser from reposting the data from the form
> when the user hits refresh in the browser after they have submitted
> the form? When this happens, the script receives the same cgi form
> data and performs the same inserts on the database. I think maybe
> this can be prevented by storing some state info with cookies?? Not
> sure (have never used cookies). Any ideas on an easy way to prevent
> this?
I suppose you could have a sequence number which gets stored in a
hidden field in your HTML form.
<!-- Find a way of inserting the number into the value attribute
automatically. -->
<input name="seq" type="hidden" value="1234">
The insertion operation would be dependent on your script then
receiving a sequence number of a given value (or possibly higher) from
the submitted form; once completed, the next permissible sequence
number would be set to a value greater than the one most recently
used.
Should the browser then resend the data, the old sequence number would
be resent, and your script should be able to reject the insertion
request (since the anticipated sequence number would be greater than
the one received).
This is all brought to you straight from the top of my head before any
caffeine-based drinks have been consumed, however.
Paul
More information about the Python-list
mailing list