Repost protection

[mbarbier]

Concerning repost (that is, sending POST data from the browser that has already been sent once, specifically for Game Chat messages):

If you simply reload the page, reposting is not done. However, if you click the Back button on the browser, and you resend the post data, it will repost, thus duplicating any message you sent to the Game Chat.

As a PHP programmer myself, I'd like to make a recommendation as to a way to prevent reposts for an entire session. On every form in every page in your site (if you have a good architecture this should be easy) put a hidden form field called 'postnum', set to the value of a SESSION variable called 'lastpost' plus one.

Then every time you find data in POST, check to see if $_POST['postnum'] is greater than $_SESSION['lastpost']. If it is not, then clear all data in POST. Otherwise, set 'lastpost' to the value of 'postnum', so that in your forms the new 'postnum' will be 'lastpost' + 1.


Note: It appears that you use POST rather than GET for querying for games. In that case it will be a bit more tricky since you'll want to be able to repost your queries but you should still be able to do it.

[beav77]

Concerning repost (that is, sending POST data from the browser that has already been sent once, specifically for Game Chat messages):

If you simply reload the page, reposting is not done. However, if you click the Back button on the browser, and you resend the post data, it will repost, thus duplicating any message you sent to the Game Chat.

As a PHP programmer myself, I'd like to make a recommendation as to a way to prevent reposts for an entire session. On every form in every page in your site (if you have a good architecture this should be easy) put a hidden form field called 'postnum', set to the value of a SESSION variable called 'lastpost' plus one.

Then every time you find data in POST, check to see if $_POST['postnum'] is greater than $_SESSION['lastpost']. If it is not, then clear all data in POST. Otherwise, set 'lastpost' to the value of 'postnum', so that in your forms the new 'postnum' will be 'lastpost' + 1.


Note: It appears that you use POST rather than GET for querying for games. In that case it will be a bit more tricky since you'll want to be able to repost your queries but you should still be able to do it.

ummm... i'd agree with you, but cant say i understood a word you said

[lackattack]

I've put in some duplicate submit countermeasures in a few problem places. Are you finding people making duplicate post to game chat. I have a block on that but I guess I didn't code it too well.

[AndyDufresne]

I believe when you refresh with the browser button, anything you previously said is submitted once again. At least, I recall doing that a few times on accident.


--Andy

[lackattack]

It doesn't post again for me.

I programmed it to check that the previous message isn't identical before saving.

I wonder why it only works sometimes...

[joeyjordison]

ive never had the problem of reposting except wen my internet is slow if u repeatedly click post then it will post it numerous times in game chat.

[mbarbier]

Just happened to me again, just now.

I typed a message into the game chat. Then I clicked on a player's feedback, and poked around there for a minute or so. Then I clicked the Back button on my browser to return to the game. It posted my message again.

As I've already said, this is not a particularly tough thing to prevent.

[RobinJ]

Have to confess that it happens to me quite a lot

[Genghis Khan CA]

If I press the in-game "refresh map" button I have no problems. However if I press the refresh button on my browser, anything I have just typed in game chat will be repeated.

[yeti_c]

Also this can occur when clicking options on the GM menu for Stocksrs script...

My advice is to set the options before you start your turn...

You can duplicate attacks by clicking options there... generally though the last post data is out of date and will result in an illegal attack or similar - fortunately lack has coded each of the DD's to be named differently so the validation works with doing dubious things - so it's not too much of an issue!

C.

[AK_iceman]

It doesn't post again for me.

I programmed it to check that the previous message isn't identical before saving.

I wonder why it only works sometimes...

Ahhh... sometimes when I'm typing fast I forget to turn off team chat, and then I have to change the sentence somewhat to re-post it as regular chat.

For the people who refresh and post the same thing twice, don't use the browser refresh, use the game refresh right above the players names on the screen and that won't happen.