Mawg Mawg - 5 months ago 74
PHP Question

Simple Post-Redirect-Get code example

I have found many sites that describes PRG, but no simple PHP code example.




Here's what I implemented:


  1. The
    form.php
    has an action:
    validate.php
    .

  2. The
    validate.php
    is never seen by the user; if validates all
    $_GET
    and, if valid writes it to database and generates the HTML of a confirmation page / if not valid, it generates the HTML of an error page explaining what is wrong.

  3. Whichever HTML is generated get stored in a
    $_SESSION
    variable and then
    validate.php
    calls
    header('Location: <as appropriate>);
    .

  4. The
    submitted.php
    of
    invalid_input.php
    (in case the user reads the URL) consists only of
    echo $_SESSION['form_html'];
    .



That seems to me like protection against both page reload and back button problems.

Did I goof by trying to reinvent the wheel?

Answer

Simplest scenario:

if ($_POST) {
   // Execute code (such as database updates) here.

   // Redirect to this page.
   header("Location: " . $_SERVER['REQUEST_URI']);
   exit();
}

Use REQUEST_URI. Do not use PHP_SELF as in most CMS systems and frameworks PHP_SELF would refer to /index.php.