Detecting refresh

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Is there any reasonably easy and reasonably accurate way for a CGI
script to detect that it has been called as a result of the user
pressing Refresh/Reload? (after a prior POST)

I doubt that the answer will involve HTML, but since I'm not sure if it
can be done at all, and may involve HTML, cookies, JavaScript and
goodness knows what else, I decided to start here.

Incidentally, this is for my own use of my own webpages, so you can
assume that both JavaScript and cookies are enabled.

So far, the only scheme that I've managed to come up with involves using
JavaScript to set a POST variable to the submitter's current time. Then
the server rejects it if it is not close to the servers time. This will
work for me, as I'm in the same timezone as the server, and both my PC
and the server synchronise their clocks with reliable timeservers. It's
a bit "Heath-Robinson" though, and would fail if I ever travelled far.

Steve Swift

Re: Detecting refresh

Swifty schrieb am 16.12.2008 08:44:
Quoted text here. Click to load it

I think you want to avoid a doublicated submit.

Simple sollution: process the POST data and send the user a http-redirect.
An User can now reload the page, but this request has no further POST
data wich will make trouble.

Mit freundlichen Grüßen
Holger Jeromin

Re: Detecting refresh

Holger Jeromin wrote:
Quoted text here. Click to load it

I thought about that, but during the POST operation, I generate a list
of what happened. If I send a redirect back at the end of the POST
processing, then I have to store the list somewhere, so the redirected
session can find it. This seems likely to cause problems. I suppose I
could send back a whole bunch of Set-Cookie: headers, followed by the
redirect, and then extract the list from the cookies...

I'll try this and see if I like it. Thanks!

Steve Swift

Re: Detecting refresh

Swifty wrote:
Quoted text here. Click to load it

It doesn't...what you what to do is Google "sessions", if using PHP,
"PHP sessions"

Take care,


Re: Detecting refresh

Quoted text here. Click to load it

Maybe I have an idea with using database.
1) in CGI script generate some unique key, say perl time() string or if you
expect a huge activity on server, then use Time::HiRes module.
2) store this key to database and set second field, say called "used" to zero.
3) generate your form by CGI script and add generated key as hidden input
4) when form is send then at first look for key in database and if field "used"
is 0 then set this to 1 and perform operations as needed. When "used" is already
set to 1 then user sent form more then once and you can do nothing.

Petr Vileta, Czech republic
(My server rejects all messages from Yahoo and Hotmail.
Send me your mail from another non-spammer site please.)
Please reply to <petr AT practisoft DOT cz>

Re: Detecting refresh

Petr Vileta "fidokomik" wrote:
Quoted text here. Click to load it

Yes, that's nice and simple. The form is already generated by a CGI
script (in general, all my forms are generated, and then the POST
handled by the same script, so I don't have to change two "things" when
I add extra fields). In the server, I can save the REMOTE_ADDR and the
TIME (that the form was built) to guarantee uniqueness. Then, upon every
POST, I check if the addr/time value is already known, and reject the
POST if so.

This just leaves me with the problem of knowing when I can expire old
entries from the database, but I can probably afford to keep them for
weeks, if not months.

Thanks for your good idea.

Steve Swift

Site Timeline