关于页面刷新重复提交的问题和isset的问题
<form action='<?php $_SERVER['PHP_SELF'] ?>' method='post'>
Picture: <input type="text" id="appimg" name="img">
URl: <input type="text" id="apphref" name="url" value="">
<input type="hidden" name="action" value="submitted">
<input type="submit" value="submit">
</form>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
if(isset($_POST['img']) && isset($_POST['url']))
{
$img = $_POST['img'];
$url = $_POST['url'];
$query = sprintf('INSERT INTO pic(pic,url)'.
'VALUES ("%s","%s")',$img,$url);
if(!$result = mysql_query($query))
{
die('Could not insert into the database:'.mysql_error());
}
}
}
?>
为什么我填入img或者url为空,也能提交成功,if(isset($_POST['img']) && isset($_POST['url'])) 这个语句有错吗?
另外如何防止刷新重复提交,请大神帮助改下代码!!!!
------解决方案--------------------
<?php
session_start();
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
if($_POST['token'] != $_SESSION['token'])
{
die('Token mismatch');
}
unset($_SESSION['token']);
if($_POST['img'] && $_POST['url'])
{
$img = $_POST['img'];
$url = $_POST['url'];
$query = sprintf('INSERT INTO pic(pic,url)'.
'VALUES ("%s","%s")',$img,$url);
if(!$result = mysql_query($query))
{
die('Could not insert into the database:'.mysql_error());
}
}
}
$token = md5(mt_rand(0, 65535));
$_SESSION['token'] = $token;
?>
<form action='<?php $_SERVER['PHP_SELF'] ?>' method='post'>
Picture: <input type="text" id="appimg" name="img">
URl: <input type="text" id="apphref" name="url" value="">
<input type="hidden" name="action" value="submitted">
<input type="hidden" name="token" value="<?php echo $token?>">
<input type="submit" value="submit">
</form>