Home/ Questions/Q 8540671
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T11:39:12+00:00

I have this part of code which i use in order to prevent query

  • 0

I have this part of code which i use in order to prevent query submission twice! Now, this is the query i use in order to make it work, and it works.

    $form_secret = isset($_POST["form_secret"])?$_POST["form_secret"]:'';    
    $query = "INSERT INTO coupon (user_id,points) VALUES ('$user_id','$points')";
    $result=mysql_query($query);

    if ($points == 250) 
    { 
       $url="http://testext.i-movo.com/api/receivesms.aspx?".$str_from.$str_zip.$phone.$str_time.$date1.$str_msg;
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
        curl_close($ch);
        return $output;
    }
    else if ($points == 500) 
    {
        $url="http://testext.i-movo.com/api/receivesms.aspx?".$str_from.$str_zip.$phone.$str_time.$date1.$str_msg;
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
        curl_close($ch);
        return $output;
    }
    else 
    {
        echo "We are sorry, you don't possess enough points in order to take the coupon";   
    }

Perfect up to now!
What i need then is to prevent double submission and hence i’m using this code here, but the problem is, when i put all the above code inside this one, it doesn’t work.. anyone please tell me how to unite this two codes? Thanks..

if(isset($_SESSION["FORM_SECRET"])) 
{
    if(strcasecmp($form_secret, $_SESSION["FORM_SECRET"]) === 0) 
    {
        /*Put your form submission code here after processing the form data, unset the secret key from the session*/
        unset($_SESSION["FORM_SECRET"]);
    }
    else 
    {
        //Invalid secret key
    }
} 
else 
{
    //Secret key missing
    echo "Form data has already been processed!";
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    $_SESSION["FORM_SECRET"] will not be set by default, so you can never submit the form in the first place.

    Reverse the process. Give the form a secret key, and store that secret in the session when the form is submitted. Then, on the next submit, you can check if $_SESSION["FORM_SECRET"] is set (and is the same as the submitted secret), so you’ll know that it’s the second submit of the same form.

    • 0