Erase form and prevent the repetitive click on Send

General PHP Help
#1

Hello,
I do not know much about php and beg you for help

  1. Into my formulare I needed to write code for greasing form after clicking Send a.
  2. If this goes so prevent the repetitive clicking on the send behind use php script.
    Please help!!! I thank everyone in advance for your help.

Script:
[sup]

<?php $titleErr = $nameErr = $emailErr = $commentErr = ""; $title = $name = $email = $comment = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["title"])) { $titleErr = "You must enter Title!"; } else { $title = test_input($_POST["title"]); } if (empty($_POST["name"])) { $nameErr = "Must enter the Name!"; } else { $name = test_input($_POST["name"]); if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "Only letters and white space allowed"; } } if (empty($_POST["email"])) { $emailErr = "Must enter the name Email!"; } else { $email = test_input($_POST["email"]); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; } } if (empty($_POST["comment"])) { $commentErr = "Must enter the name comment"; } else { $comment = test_input($_POST["comment"]); } if ($titleErr=="" AND $nameErr=="" AND $emailErr=="" AND $commentErr=="") { $to = "@...my email..."; $from = $_POST['email']; $title = $_POST['title']; $name = $_POST['name']; $subject = "Info from"; $subject2 = "Copy of your form submission"; $comment = $title . " " . $name . " " . "\n\n" . $_POST['comment']; $comment2 = "Here is a copy of your comment " . $name . "\n\n" . $_POST['comment']; $headers = "From:" . $from; $headers2 = "From:" . $to; mail($to,$subject,$comment,$headers); mail($from,$subject2,$comment2,$headers2); header("Location: thanks.html"); } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> Write us what you need to know * required field. 
 Title:<span class="error" style="position:relative; top:2px;"><big> * </big></span>
          <br> 
 <input type="text" name="title" size="5" value="<?php echo $title;?>">
 <span class="error"><?php echo $titleErr;?></span><br><span id="example"> / Mr, Ms, ... / </span>
 <br>     
 Name:<span class="error" style="position:relative; top:2px;"><big> * </big></span>
          <br> 
 <input type="text" name="name" size="45" value="<?php echo $name;?>">
 <span class="error"><?php echo $nameErr;?></span><br><span id="example"> / First Name and Last Name / </span>
 <br>
 E-mail:<span class="error" style="position:relative; top:2px;"><big> * </big></span>
          <br>
  <input type="text" name="email" size="50" value="<?php echo $email;?>">
 <span class="error"><?php echo $emailErr;?></span><br><span id="example"> / Write in good format! / </span>
 <br><br>
 Comment:<span class="error" style="position:relative; top:2px;"><big> * </big></span>
          <br>
         <textarea name="comment" rows="6" cols="70"> <?php echo $comment;?></textarea>
         <span class="error"><?php echo $commentErr;?></span>
 <br>
 <p class="navod"> Turn the picture into the correct position ! </p>
 
<div  id = "rocaptcha_placeholder" ></div>
  <script  type = "text/javascript"  src = "http://rocaptcha.com/api/js/?key=...My key...." ></script>
  <script  type = "text/javascript" >
       RoCaptcha . init ( "rocaptcha_placeholder" );
  </script>
 <br>
<input type="submit" name="submit" value="Submit" id="send">
</fieldset>
[/sup]
#2

willH, next time please place your code inside of the PHP tags. It saves display space and it also makes it
much easier for us to copy into our editors. Help us help you!

Now, since your code sends the user to a secondary page (thanks.html) they will not have a chance to
click send again because they will not be on the send page. So, not sure what you are asking of us.

If you mean, you want to only allow one email per machine, you could keep tract of their IP addresses in
a table and keep a flag that tells when they last sent an email. But, normally, this is not done.

Please explain further on what you need help with. Thanks!

#3

How did submit the form so the data are left Inscribed on the form. I need that data is erased. Someone has a slow connection, so clicks the submit button more than once.
Therefore, I need to block the Send button after the first click and reset form. Thank in help!

#4

I understand your question. Thank you.

Well, the problem is how the internet, PHP and servers work. When anyone views a page on the internet,
the page is sent to the browser. In the browser it “renders” the display using HTML and CSS to the screen.
A button on the page is basically at that point inside the browser, not on the server. Once a submit button
is pressed the input fields are sent back to the server as “posted” data. Then, the server can deal with the
data. Therefore, if a user presses twice quickly, it is most likely they have a slow computer not a slow
connection. You can not fix this issue with server-side code such as PHP. You need to handle it with a
client-side routine inside the browser. This would be done with Javascript. You would need a short code
that would “disable” the button once it is pressed. Here is one way that can do it for you:
[php]

[/php]
Place this script at the bottom of your page, just above the the tag. It is JQuery code not JS,
but, works just like Javascript. What it does is keep checking for the form to be submitted to the server.
Once submitted, it disables the submit button so the user can not click again. One issue is that your form
must have a name on it. I called it “myForm”, but, you can name it anything you want to. This should work
good for you. Note that the pound sign ( # ) inside the code means that it looks for the ID of the field. So,
you need to add id=“myForm” in your tag so it can find the form. Hope you understand that.

#5

I disagree with ErnieAlex. You can and should prevent duplicate submissions server-side.

In fact, it’s generally a bad idea to rely on JavaScript, because many people actually turn it off (e. g. for security reasons). Unless you absolutely need JavaScript for your site, you should make it optional and do all checks server-side.

The standard approach to the duplication problem is twofold:

[ul][li]Use a nonce so that the user won’t accidentally submit the same data multiple times.[/li]
[li]Use the PRG pattern to prevent the browser from resubmitting the data when the user refreshes the page.[/li][/ul]

test.php
[php]<?php

require_once DIR.’/functions.php’;

session_start();

$errors = [];

if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’)
{
// check if the request contains a valid nonce; if that’s the case, invalidate the nonce, otherwise display an error
if (isset($_SESSION[‘nonces’][$_POST[‘nonce’]]))
{
unset($_SESSION[‘nonces’][$_POST[‘nonce’]]);
}
else
{
$errors[] = ‘Invalid nonce.’;
}

// standard form validation
if (!isset($_POST['test_input']) || $_POST['test_input'] != 'test')
{
    $errors[] = 'Invalid input. You need to enter "test".';
}

// if everything is OK, process the data and redirect the user,
if (!$errors)
{
    // process the data

    header('Location: test.php');
    exit;
}

}

// generate and store new nonce in session
$nonce = random_hex_bytes(16);
$_SESSION[‘nonces’][$nonce] = true;

?>

A test form.

Test form

<?php if ($errors) : ?>

Form processing failed

    <?php foreach ($errors as $error) : ?>
  • <?= html_escape($error, 'UTF-8') ?>
    • <?php endforeach; ?>
<?php endif; ?> Please enter the word "test" (without quotes): [/php]

functions.php
[php]<?php

/**

  • Escape a string for an HTML context.
  • @param string $raw_input the input string to be escaped
  • @param string $encoding the character encoding of the input
  • @return string the escaped string, or FALSE in case of an error
    */
    function html_escape($raw_input, $encoding)
    {
    return htmlspecialchars($raw_input, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, $encoding);
    }

/**

  • Generate random bytes and return their hexadecimal representation.

  • @param int $byte_count the number of bytes

  • @return string the hexadecimal representation
    */
    function random_hex_bytes($byte_count)
    {
    if (!is_int($byte_count) || $byte_count <= 0)
    {
    trigger_error(‘The number of bytes must be a positive integer.’, E_USER_ERROR);
    }

    $random_bytes = ‘’;

    if (function_exists(‘mcrypt_create_iv’))
    {
    $random_bytes = mcrypt_create_iv($byte_count, MCRYPT_DEV_URANDOM);
    }
    elseif (function_exists(‘openssl_random_pseudo_bytes’))
    {
    $random_bytes = openssl_random_pseudo_bytes($byte_count);
    }
    else
    {
    trigger_error(‘No random number generator found. Need the OpenSSL or the Mcrypt extension.’, E_USER_ERROR);
    }

    if (!$random_bytes)
    {
    trigger_error(‘Failed to generate random bytes.’, E_USER_ERROR);
    }

    return bin2hex($random_bytes);
    }[/php]
    The nice thing about using nonces is that they also prevent cross-site request forgery.

#6

Pretty, the guy is a beginner, just learning things… That is why I made it simple…

I do agree with you, but, he was talking about a slow internet and obviously a slow computer.
And, so simple works for that situation… He does not know about nonce or PRG’s…

#7

You’ve claimed that the problem cannot be solved server-side. That’s simply wrong. Making the server check for duplicate submissions is by far the most common, straightforward and reliable solution, because it’s not dependend on any client-side properties.

The code you’ve proposed doesn’t really solve anything. It doesn’t clear the form, it doesn’t prevent indirect resubmissions (via the “refresh” or “back” button), and it doesn’t work if JavaScript is disabled. You might say that it’s “still good enough for a newbie”, but who are you to make that decision for somebody else?

Which is why I explained it and showed an example implementation.

Being a “newbie” doesn’t imply being stupid or unwilling to learn. And a redirect isn’t exactly rocket science.

#8

Did you read his problem? He was talking about a slow CLIENT-SIDE issue, not his server side.
I was just answering what he needed… But, all knowledge helps…

#9

Just my 2 cents, I always use PRG.

#10

Did you understand a single word of what I’m saying?

It doesn’t matter whether the client has a slow PC, a slow Internet connection or whatever. We could speculate about this all day long, but it won’t get us anywhere. The point is: There are duplicate form submissions.

Yes, we could try to solve this problem client-side, but as I already explained, this simply doesn’t work. A much better approach is to solve it server-side, because the server can easily recognize duplicate submissions using a nonce.

Solving client-side problems on the server is what we do all the time, and sometimes it’s the only choice. For example, user input must be validated by the server, because we cannot rely on the client to do that for us.

Look, I understand where you’re coming from. Your suggestion is logical and would certainly prevent some duplicate submissions. But wouldn’t it make more sense to catch all of them with a standard approach that has already proven itself in practice?

You can still add your JavaScript code as an additional GUI feature to tell the user that the form is currently being processed.

#11

Thank you very much to all behind help and advice !!!

Such problem I am want to solve help the Bohemian the auxiliary pages, because I come from Czech Republic.
On their websites they label me as an idiot who knows nothing. I wrote that this man, who wrote to me is cocky jerk. I was thrown out and added my person other expressions.

I am very glad that I found this web site where they are nice people, who try to help. I know he my English is not perfect. Some of It alerts and slight swearword will not hurt ! Thereby one learns !!!

Finally:
Thank you very much again to all and I wish you much success in work and personal life!
If I needed so pleased to go back asking for help. Thank you Will.

#12

WillH, don’t worry about your English. We will get what you say. Glad you are in programming and hope we
can help you as you learn more. Keep asking us and we will help !

Sponsor our Newsletter | Privacy Policy | Terms of Service