Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Tokenizer to prevent double posting of data (and rerunning validation routines)
Tokenizer to prevent double posting of data (and rerunning validation routines)
  • El Forum
    Guest
  •  
#1
08-07-2008, 04:26 PM

[eluser]drewbee[/eluser]
Hello again everyone!

As I go through code igniter even further, I have come up with this nice little trinket to prevent double posting of data. Should a user double post data, the 'success' message will still be displayed (without running validation / queries again). If anyone can see any issues with this, please let me know. The difference with this is that the form will still hold the 'post' data within it (no redirects).

Note: requires session & validation Libraries

CIEXT_Validation
Code:
function run()
    {
        
        // If were not using the tokenizer, simply run the normal run() method
        if ($this->_tokenizer == FALSE)
        {
            return parent::run();
        }
        // Set the tokenizer on initial form load

        if (count($_POST) == 0)
        {
            $this->CI->session->set_userdata('tokenizer', md5(time()));
        }
        // If our tokenizer is set to 1 via the tokenizer_posted method, set our 'tokenizer double posted' variable to true
        elseif ($this->CI->session->userdata('tokenizer') == '1')
        {
            $this->_tokenizer_dp = TRUE;
        }

        // If we havn't double posted, run the parent validation, and set our value posted, otherwise return TRUE
        if ($this->_tokenizer_dp == FALSE)
        {    
            if (parent::run() == TRUE)
            {
                $this->tokenizer_posted();
                return TRUE;
            }
            else
            {
                return FALSE;
            }
        }
        else
        {
            return parent::run();
        }
        
    }
    
    function use_tokenizer()
    {
        $this->_tokenizer = TRUE;
    }
    
    function tokenizer_posted()
    {
        $this->CI->session->set_userdata('tokenizer', '1');
    }

Controller:
Code:
// Yay! Were using the tokenizer!!
        $this->validation->use_tokenizer();
        
        // Call our run() -- Remember, it returns true after a double post and validation has already run
        if ($this->validation->run() == TRUE)
        {
            // If were not double posting
            if ($this->validation->_tokenizer_dp == FALSE)
            {
                $this->process_form();
            }
            // 'replace' our registration form with the successfull mess
            $message = array('title' => 'Form Successfully Submitted!', 'message' => 'Your form has been successfully submitted blah blah blah');
            $this->template->replaceTemplate('message', 'registration', $message);
            
        }
        
        $this->template->draw();

Pretty Neat, I think. However, I can already see one issue that I need to do checking against... and that is if the user idles on the site and looses the session value... and the form has already been posted I will end up with an undefined index.

Can anyone else see any other issues with this? (sorry about the templating thing, but the general idea behind CI's controller process is there)


Messages In This Thread
Tokenizer to prevent double posting of data (and rerunning validation routines) - by El Forum - 08-07-2008, 04:26 PM



Theme © iAndrew 2016 - Forum software by © MyBB