Php 简明教程

PHP - Post-Redirect-Get (PRG)

在 PHP 中,PRG 代表“Post/Redirect/Get”。这是一种常用的技术,设计用于防止提交表单之后再次提交该表单。您可以在 PHP 中轻松实施此技术以避免重复提交表单。

In PHP, PRG stands for "Post/Redirect/Get". It is a commonly used technique that is designed to prevent the resubmission of a form after it’s been submitted. You can easily implement this technique in PHP to avoid duplicate form submissions.

通常,HTML 表单使用 POST 方法向服务器发送数据。服务器脚本获取数据以进行进一步处理,如在后端数据库中添加新记录或运行查询以获取数据。如果用户意外地刷新浏览器,则有可能再次重新提交相同的表单数据,可能导致数据完整性丢失。PHP 中的 PRG 方法帮助您避免这种陷阱。

Usually a HTML form sends data to the server with the POST method. The server script fetches the data for further processing like adding a new record in a backend database, or running a query to fetch data. If the user accidentally refreshes the browser, there is a possibility of the same form data being resubmitted again, possibly leading to loss of data integrity. The PRG approach in PHP helps you avoid this pitfall.

Example

首先,我们考虑以下 PHP 脚本,它渲染一个简单的 HTML 表单,并使用 POST 方法将其提交回自身。当用户填写数据并提交时,后端脚本会获取数据,渲染结果,然后返回以再次显示空白表单。

To start with, let us consider the following PHP script that renders a simple HTML form, and submits it back to itself with POST method. When the user fills the data and submits, the backend script fetches the data, renders the result, and comes back to show the blank form again.

<?php
   if (isset($_POST["submit"])) {
      if ($_SERVER["REQUEST_METHOD"] == "POST")
         echo "First name: " . $_REQUEST['first_name'] . " " . "Last Name: " . $_REQUEST['last_name'] . "";
   }
?>

<html>
<body>
   <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
      First Name: <input type="text" name="first_name">  <br/>
      Last Name: <input type="text" name="last_name" />
      <button type="submit" name="submit">Submit</button>
   </form>
</body>
</html>

假设服务器正在运行,则将上述脚本放置在文档根文件夹中并在浏览器中访问。

Assuming that the server is running, the above script is placed in the document root folder and visited in the browser.

填写数据并提交。浏览器会回显结果,然后重新渲染表单。现在,如果您尝试刷新浏览器页面,将会弹出一个警告,如下所示 −

Fill the data and submit. The browser echoes the result, and re-renders the form. Now if you try to refresh the browser page, a warning pops up as shown below −

php prg 1

如果您按 Continue ,则会再次发布相同数据。

If you press Continue, the same data is posted again.

可以使用以下图形理解问题 −

The problem can be understood with the following figure −

php prg 2

在 PHP 脚本中执行以下步骤以避免问题 −

Following steps are taken in the PHP script to avoid the problem −

  1. The PHP script before the HTML form starts a new session.

  2. Check if the form has been submitted with POST method.

  3. If so, store the form data in session variables

  4. Redirect the browser to a result page. In our case, it is the same page. With the exit command, to terminate this script to make sure no more code gets executed.

  5. If PHP finds that the REQUEST method is not POST, it checks if the session variables are set. If so, they are rendered along with the fresh copy of form.

  6. Now even if the form is refreshed, you have successfully averted the possibility of resubmission.

Example

下面是使用 PRG 技术的 PHP 代码−

Here is the PHP code that uses the PRG technique −

<?php
   session_start();
   if (isset($_POST["submit"])) {
      $_SESSION['fname'] = $_POST['first_name'];
      $_SESSION['lname'] = $_POST['last_name'];
      header("Location: hello.php");
      exit;
   }
   if (isset($_SESSION["fname"])) {
      echo "First name: " . $_SESSION['fname'] . " " . "Last Name: " . $_SESSION['lname'] . "";
      unset($_SESSION["fname"]); unset($_SESSION["lname"]);
   }
?>

<html>
<body>
   <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
      First Name: <input type="text" name="first_name">  <br />
      Last Name: <input type="text" name="last_name" />
      <button type="submit" name="submit">Submit</button>
   </form>
</body>
</html>