tags:

views:

215

answers:

2

Hello,

I want to ask a best practice question. Suppose I have a form in php with 3 fields say name, email and comment. I submit the form via POST. In PHP I try and insert the date into the database. Suppose the insertion fails. I should now show the user an error and display the form filled in with the data he previously inserted so he can correct his error. Showing the form in it's initial state won't do. So I display the form and the 3 fields are now filled in from PHP with echo or such. Now if I click refresh I get a message saying "Are you sure you want to resend information?". OK. Suppose after I insert the data I don't carry on but I redirect to the same page but with the necessary parameters in the query string. This makes the message go away but I have to carry 3 parameters in the query string.

So my question is:

How is it better to do this? I want to not carry around lots of parameters in the query string but also not get that error. How can this be done? Should I use cookies to store the form information.

+1  A: 

Your first scenario seems the most valid.

i.e.

User submits the form

Some problem prevents submission, so form is re-displayed

If user "refreshes" they see the usual message about re-sending information (although their most likely path of progression is to re-submit the form that you are kindly re-populating for them).

The "Are you sure you want to resend information?" message is perfectly valid in the event of someone refreshing the page after a form submission, so don't write code to specifically break this behaviour.

Sohnee
A: 

I think generally people would temporarily store the submitted data in a session variable, and send the data back to the client.

Maybe it is besides the point but you mentioned "wrong dates", and I think many would say you should arrange things so that the user cannot unintentionally send you wrong dates.

Cups
Where did I use "wrong dates"?
Para
OK, you didn't I am wrong to have used quotes as I did - but that is what I thought you implied when you said : "In PHP I try and insert the date into the database. Suppose the insertion fails."
Cups