0
0
PhpDebug / FixBeginner · 4 min read

How to Prevent Form Resubmission in PHP: Simple Fix

To prevent form resubmission in PHP, use the Post/Redirect/Get (PRG) pattern by redirecting the user to a new page after processing the form with header('Location: ...'). This stops the browser from resubmitting the form data when the user refreshes or navigates back.
🔍

Why This Happens

When a user submits a form using the POST method, the browser sends data to the server. If the user refreshes the page or presses the back button, the browser tries to resend the same POST data, causing the form to be submitted again. This can lead to duplicate entries or repeated actions.

php
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Process form data
    $name = $_POST['name'];
    echo "Thank you, $name! Your form was submitted.";
}
?>
<form method="post">
    <input type="text" name="name" placeholder="Enter your name">
    <button type="submit">Submit</button>
</form>
Output
Thank you, John! Your form was submitted. [Form with input and submit button]
🔧

The Fix

After processing the form data, redirect the user to a new page or the same page using header('Location: ...') and exit(). This clears the POST data and prevents resubmission on refresh.

php
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name = $_POST['name'];
    // Process the form data here (e.g., save to database)

    // Redirect to the same page to prevent resubmission
    header('Location: ' . $_SERVER['PHP_SELF'] . '?submitted=1&name=' . urlencode($name));
    exit();
}

if (isset($_GET['submitted']) && $_GET['submitted'] == 1) {
    $name = htmlspecialchars($_GET['name']);
    echo "Thank you, $name! Your form was submitted.";
}
?>
<form method="post">
    <input type="text" name="name" placeholder="Enter your name">
    <button type="submit">Submit</button>
</form>
Output
Thank you, John! Your form was submitted. [Form with input and submit button]
🛡️

Prevention

Always use the Post/Redirect/Get pattern when handling form submissions to avoid duplicate submissions. This means after processing POST data, redirect the user to a GET page. Additionally, use tokens or session flags to detect and block repeated submissions if needed.

  • Use header('Location: ...') after POST processing.
  • Call exit() immediately after redirect.
  • Validate and sanitize all inputs.
  • Consider using CSRF tokens to secure forms.
⚠️

Related Errors

Other common issues related to form handling include:

  • Duplicate database entries: Caused by resubmission without checks.
  • Missing input validation: Leads to security risks.
  • Session timeout: Can cause unexpected form behavior.

Quick fixes include using unique tokens for each form submission and validating inputs server-side.

Key Takeaways

Use Post/Redirect/Get pattern to prevent form resubmission in PHP.
Redirect with header() and exit() after processing POST data.
Avoid duplicate form submissions by clearing POST data with redirect.
Validate and sanitize all form inputs to ensure security.
Use tokens or session flags to detect repeated submissions if needed.

Related by keyword

How to Prevent CSRF in PHP: Simple and Effective MethodsSecurityHow to Prevent XSS in PHP: Simple and Effective MethodsSecurityHow to Fix Undefined Array Key in PHP: Simple SolutionsCommon ErrorsHow to Fix Undefined Index in PHP: Simple SolutionsCommon ErrorsHow to Create Registration Form in PHP with MySQLMySQL with PHP

Up next

What is $_POST in PHP: Simple Explanation and Usage$_SERVER in PHP: What It Is and How to Use ItHow to Check if Session is Set in PHP: Simple GuideHow to Destroy Session in PHP: Complete Guide

More in Form Handling

How to Get Form Data in PHP: Simple GuideHow to Handle Form in PHP: Simple Steps and FixesHow to Handle Multiple File Upload in PHP EasilyHow to Limit File Size in PHP Upload: Simple Guide