• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

postdata expired question

B

bitt3n

Senior member
When the user submits a form on my site, and then upon the new page's loading, hits the back button, he gets the message "The page you are trying to view contains POSTDATA that has expired from the cache. If you resend the data etc. etc."

How do I stop this message from appearing? I do not want to resubmit the data when the user navigates backwards, and I do not need to show the data in the form.

Searching around, I found some advice which says:

add this to the top of the form page -

<?php
session_start();
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
?>

but for some reason I still get the POSTDATA expired message. Is this bad advice or maybe something more is required?

Searching further, I found this also:

after processing a POST request, use a redirect to send the browser to the results page. The browser will issue a GET request for the result page (and when the user clicks the back button, they will see the results of their earlier submission).

Here's an example from a PHP site I maintain. The POSTed form is processed, and the browser is redirected to issue a GET request for a 'thankyou' page.

//start of PHP form handler
<?
// process the form fields...
$email = $_REQUEST['email'] ;

// etc etc

// ...then finally
header("Location: http://www.somewhereelse.co.uk/formhandling/thankyou.html");
?>
//EOF

is this a good solution?

Ideally I want my page to work like vbulletin when you click 'back' after making a post: you don't get the POSTDATA message, and the form doesn't resubmit the POST data either.

Thanks for your help!
 
That first piece of advice was probably bad since, if I'm not mistaken, php puts anti-caching headers in by default anyways. Even then, disallowing cache is going the wrong direction, because you're forcing the browser to go back for the page again.

As far as I know, this will always happen whenever you go back to a page that was reached via an http POST. The logical solution then, is to make sure that pages that people will frequently be hitting the back button to get to are reached via GETs instead. Inserting the extra redirect in there should do it if implemented correctly, but it's an extra layer of complexity that you don't necessarily have to deal with. Another solution would be changing the page that lead to the page in question.

Presumeably it was a form that was submitted? You should be able to change the method attribute of the <form> tag to "GET" and the browser will put all the form info in the url instead. That should solve your problem in a simple way.

The only caveat is that if any of the form data is sensitive (passwords) this is a real security problem as the password will then be displayed in plaintext in the address bar and recorded in the browser history. It could also get ugly if you have a lot of hidden fields with nasty data in them.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top