duplicate data insert in CodeIgniter
I am just inserting data in codeigniter controller part at pastebin http://pastebin.com/KBtqrAkZ
public function add_product()
{
$this->lang->load('log_in', 'english');
log_in_check($this->lang->line('log_in_authentication_error'), 'admin/log_in');
$this->lang->load('common', 'english');
$data['title'] = $this->lang->line('admin_index_title');
$this->load->view('admin_template/header', $data);
$this->load->view('admin_template/left_menu');
$data['error_msg'] = '';
if ($this->form_validation->run('add_product') === TRUE)
{
$this->admin_model->add_product($this->input->post());
$this->session->set_flashdata('status_msg', $this->lang->line('add_product_success'));
redirect(uri_string(), 'refresh');
exit ;
$data['error_msg'] = $this->lang->line('add_product_invalid_data');
}
$this->load->view('admin/add_product');
//$this->load->view('admin_template/notification');
$this->load->view('admin_template/footer');
}
Than my model part is simple add at pastebin http://pastebin.com/WiLHV2sr
public function add_product($data = array())
{
$this->db->insert('ishop_product', $data);
return $this->db->insert_id();
}
my problem is after redirecting if I press ctrl + F5 or F5 than the data is inserting. I am a new in codeigniter. Help me please. Any help will be greatly appreciated.
Answer
This is the Double Submit Problem.
There are several ways of dealing with it:
The Post / Redirect / Get pattern: Breaks the back button, and it does not keep your user from going back far enough to submit again. Does not handle multiple clicks.
Disable the submit button: Handles multiple clicks some of the time, but does not fix the user going back and submitting again.
Store a token in the session: If you have multiple tabs open in the browser, the token stored in the session may get mixed up. (Note: It may be possible to create browser tab specific cookies using javascript, but I have not tried it myself.)
Change the database to not allow duplicates: The best solution, but also the most effort. If it detects a set of duplicate data, ignore the second request.
Unique transaction id: Described on this PHP hacks page, and on this answer.
Multiple tokens in the session: A variation on option 3. If you store all generated tokens in the session, you don't need to involve the database. The probability of a duplicate is much lower, given that tokens are unique inside a session. Possible problems include the set of tokens growing out of control. Maybe fixable with a limited size stack where you add to the top of the stack, and extra tokens fall off the bottom. Untested.
--
I like the unique transaction id method. It works like this:
Generate a random
transaction_idand put it in your web form. It goes along when the user clickssubmit.When you receive the request to add a product, check for the
transaction_idin the transaction table.If the id does not exist in the table, do the transaction, and insert the transaction_id into the table.
If the id does exist in the table, the transaction is already done.
You should also search for [double-submit-prevention] in to see if you can find an even better solution.