Post by ddcpitt on Dec 1, 2012 6:34:13 GMT -5
I am trying to figure out which of the following two scenarios is better practice, or if there is a better alternative to both. Is it better to display a success/error message with the risk of the user possibly refreshing the page and receiving a separate error message or is it better to redirect the user to a new page and remove the possibility of the user refreshing the page with the POST data at the expense of not displaying a confirmation message and redirecting the user to a different page?
Scenario one is to query the database for the information from the insert that the user just submitted and make sure it is in there, such as by running:
The problem with this is if the user refreshes that page, it tries to add the user to the database again. In my program, I have it check to see the user's information is already in the database, so if the user refreshes the page, an error message is displayed saying "Username already exists." This works and no data is changed or added in the database, but it is a small bug I suppose.
In scenario two, I can redirect the page to a different page, such as the login page, by using:
Thanks in advance!
Scenario one is to query the database for the information from the insert that the user just submitted and make sure it is in there, such as by running:
$sql = mysql_query(SELECT * from users WHERE username='" . $_POST['username'] . "' LIMIT 1;)
Then I verify that 1 row has been returned from the query and display a message saying "Account successfully created. Go to the login page." and the user can click to go to the login page. If a row was not returned and the information never got entered into the database, an error message is displayed.The problem with this is if the user refreshes that page, it tries to add the user to the database again. In my program, I have it check to see the user's information is already in the database, so if the user refreshes the page, an error message is displayed saying "Username already exists." This works and no data is changed or added in the database, but it is a small bug I suppose.
In scenario two, I can redirect the page to a different page, such as the login page, by using:
header('Location: login.php');
By doing this, there is no sort of confirmation message displayed to the user saying that their account was successfully created, though, which might confuse the user. I guess an error message should be displayed if using "or die()" when performing the insert, but no confirmation would be displayed.Thanks in advance!