How to restrict refresh option?

Question

Hi, There is a problem. I don't want that people would be able to refresh one page on my site. How can I do it?

Answer 1

Refresh is a browser side solution. You can't restrict it from server side.

What you can do is actually to use PHP's SESSION to actually prevent people from visiting any page twice.

<?php

session_start();

if(!isset($_SESSION['disablethispage'])){
$_SESSION['disablethispage'] = true;
// serving the page first time

}else{
// visited before or page was refreshed

}

?>

However user is still able to come back to the same page if he/she removes your session cookie.

If you're talking about double posting, you might want to look at the POST-REDIRECT-GET Solution. See: http://en.wikipedia.org/wiki/Post/Redirect/Get

Answer 2

You cant. If you explain why you don't want people to be able to refresh the page, maybe we can explain a better solution.

Edit:

A nice solution to restricting refreshing post forms is to redirect the browser when you submit a form. It works like this:

• The form is on pageA.php and submits to pageB.php
• pageB.php does a header("Location: pageC.php"); after handling the form data (a 302 redirect)
• on pageC.php you display the result of the action the user performed.

The result is that if a user refreshes pageC.php, then the form is not submitted again. If the user hits the back button and then forward again, the browser reloads pageC.php, and so the form isn't submitted then either.

Answer 3

Try to store the last time they visited that page, like this:

<?php
session_start();
if(isset($_SESSION['last_visit']) && time() - $_SESSION['last_visit'] < 10) {
    die('Wait ten seconds before you reload this page');
}else{
    $_SESSION['last_visit'] = time();
}
?>

This will restrict page loads to one per ten seconds.

This method depends on that the user doesn't empty their cookies, so if you need a more strict solution you have to check the IP address and save that in a database, but that will require more server resources.