What are some methods for ensuring that users can only submit an HTML form once using PHP?

To ensure that users can only submit an HTML form once using PHP, you can generate a unique token when the form is loaded and store it in a session variable. When the form is submitted, check if the submitted token matches the one stored in the session. If they match, process the form data; if not, display an error message.

&lt;?php
session_start();

if ($_SERVER[&#039;REQUEST_METHOD&#039;] == &#039;POST&#039;) {
    if (!isset($_SESSION[&#039;token&#039;]) || empty($_SESSION[&#039;token&#039;]) || $_POST[&#039;token&#039;] !== $_SESSION[&#039;token&#039;]) {
        echo &#039;Form submission error. Please try again.&#039;;
        exit;
    }

    // Process form data here

    unset($_SESSION[&#039;token&#039;]);
} else {
    $token = bin2hex(random_bytes(16));
    $_SESSION[&#039;token&#039;] = $token;
}
?&gt;

&lt;form method=&quot;post&quot; action=&quot;&quot;&gt;
    &lt;input type=&quot;hidden&quot; name=&quot;token&quot; value=&quot;&lt;?php echo $_SESSION[&#039;token&#039;]; ?&gt;&quot;&gt;
    &lt;!-- Other form fields go here --&gt;
    &lt;button type=&quot;submit&quot;&gt;Submit&lt;/button&gt;
&lt;/form&gt;

Keywords

CSRF token session management form submission validation duplicate submission

What are some methods for ensuring that users can only submit an HTML form once using PHP?

Keywords

Related Questions