I have a contact form that will resubmit data if you refresh the page, so I added header("Location: http://www.example.com/form.php"); at the end of it so the page redirects back to itself and ultimately resets the form, preventing it from being submitted multiple times. It works exactly how I want it to on my local Apache server, but when I use the same code on an Nginx server, the form stops working altogether. Removing header("Location: http://www.example.com/form.php"); allows the form to work on the Nginx server, but then I will still have the resubmitting issue.
Is there a way to get header redirects to work with Nginx? If not, is there an alternative way to prevent my form from being resubmitted when people refresh the page?
Note: I tried adding header("HTTP/1.0 301 Moved Permanently"); on the line above header("Location: http://www.example.com/form.php");, as that was a possible solution I found, but it didn't solve anything.
EDIT: I put example.com in my post as I didn't want to put the real URL I am redirecting to.
Here is some code:
<?php
// define variables and set to empty values
$firstnameErr = $lastnameErr = $emailErr = $companyErr = "";
$firstname = $lastname = $email = $company = $comments = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$error = false;
//Verifying first name input
if (empty($_POST["firstname"])) {
$firstnameErr = "First name is required";
$error = true;
} else {
$firstname = test_input($_POST["firstname"]);
// Check if first name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/", $firstname)) {
$firstnameErr = "Only letters and white space allowed";
$error = true;
}
}
//Verifying last name input
if (empty($_POST["lastname"])) {
$lastnameErr = "Last name is required";
$error = true;
} else {
$lastname = test_input($_POST["lastname"]);
// Check if last name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/", $lastname)) {
$lastnameErr = "Only letters and white space allowed";
$error = true;
}
}
//Verifying email input
if (empty($_POST["email"])) {
$emailErr = "Email is required";
$error = true;
} else {
$email = test_input($_POST["email"]);
// Check if email is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
$error = true;
}
}
//Verifying company input
if (empty($_POST["company"])) {
$companyErr = "Company name is required";
$error = true;
} else {
$company = test_input($_POST["company"]);
}
//Verifying comments input (empty input is allowed)
if (empty($_POST["comments"])) {
$comments = "";
} else {
$comments = test_input($_POST["comments"]);
}
if (!$error){
// Email sent to me
mail("example@example.com", "Email subject", "Email message");
// Confirmation email to potential client
mail("example@example.com", "Email subject", "Email message");
}
// Loads new, empty form (otherwise refreshing page will resubmit form)
header("HTTP/1.0 301 Moved Permanently");
header("Location: http://www.example.com/request.php");
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
<label>Name*</label>
<input type="text" name="firstname" placeholder="First" size="20">
<span class="error"><?php echo $firstnameErr;?></span>
<input type="text" name="lastname" placeholder="Last" size="20" class="form-control">
<span class="error"><?php echo $lastnameErr;?></span>
<label>Email*</label>
<input type="text" name="email" placeholder="Email" size="50" class="form-control">
<span class="error"><?php echo $emailErr;?></span>
<label>Company*</label>
<input type="text" name="company" placeholder="Company" size="50" class="form-control">
<span class="error"><?php echo $companyErr;?></span>
<label>Comments</label>
<textarea rows="4" name="comments" placeholder="Comments..." class="form-control"></textarea>
<br>
<input type="submit" value="Submit" class="submit-btn">
</form>
