I am creating a quiz game in PHP.
I maintain a session from the start to the end of the quiz.
When the user clicks on the back button in the middle of the quiz
It display a page with message
"Confirm Form Resubmission This web page requires data that you entered earlier in order to be properly displayed"
So, I m trying to keep it on the same page on click of back button
I have handled the "onbeforeunload" event & it's firing up too.
code snippet
Redirectpage
{
javascript:window.history.forward(1);
}
but still am getting the same error?
thankyou folks.
Your page does not have rights to control the browser. OnbeforeUnload you can alert user and return false to stay on the page. Otherwise you cannot do much on it except expiring the previous page, so that user cannot go to previous page.
Two possible solutions:
Don't use use post, that's what causes the warning, if you submit using get, you won't get the warning.
If you can't do that:
Use AJAX instead of posting and replacing the entire page. That is so 1990s and leads to very confusing code. Keep state on the client. It doesn't seem you have a need to bookmark each of the pages, and if you did, you'd have to learn how to handle back button within an AJAX app. Here's one solution: http://www.zedwood.com/article/101/ajax-back-button-fix
Related
I've designed a forum on my website that operates through AJAX requests therefore the URL does not change at all. You click a button, the AJAX requests a PHP file, and the response updates the client. This works for me - however, I need to know if it's possible to redirect a user through a series of AJAX requests after a form submission.
User enters forum.php page
User clicks on topic button (AJAX request to load threads)
User clicks on thread title (AJAX request to load replies)
User clicks on reply button (AJAX request to load text editor)
User clicks on submit (AJAX request to submit form)
At this point I want to redirect the user back to that specific thread - therefore I believe they would need to be directed through a series of AJAX requests. Is this possible?
Extra: Also if you believe this forum process is not efficient please let me know your opinions.
Seems you have a few options:
continue to use Ajax for the submit, so no need to redirect. (EDIT: sounds like you are already doing this, so the problem is probably you are discarding the content you want to display, rather than just hiding it temporarily)
implement a way to load a page directly to the forum. This would be in addition to the ajax call. You would track the forum ID, include it in $_POST parameters, and have the server redirect to the appropriate URL.
Generate javascript (or approriate fields/data for your fixed javascript to use) that will cause the page, when reloaded, to automatically make the necessary AJAX calls.
Skip Ajax and just use full page loads for everything
Mixing things up, by sometimes using Ajax and sometimes using a page load isn't ideal, but it is sometimes difficult to avoid completely.
Keep in mind what happens when user hits the BACK button or history in the browser. Do you want them to leave your app when hitting back? They can end up in a weird place mixing ajax/page loads. For this reason, people favor (4)
(2) is probably a lot of work.
(1) would be ok, and BACK button will just always take the user WAY BACK to some other website. Personally, that wouldn't bother me.
(3) would be a pain and also be slow, and then you get pretty weird forward/back behavior. Avoid.
(4) might just be best.
I am working on a my site to allow users to take test so they can see how much they know of a particular subject. I am running into a little problem though. Once a user submits the test for grading, how do I prevent them from going back to the test page? I am on a Mac with Safari running and when I click the back button in my web browser after I submit the test it leaves all of the answers I answered filled out. I want it do this: When a user submits a test and they click the back button in their web browser it redirects them to the main test page.
I am using PHP and MYSQL. I even have the test pages setup so that the user must come from a certain url (I am using HTTP_REFERER) and I have tried other stuff such as sessions but I cannot seem to figure this out. Any help is greatly appreciated.
You don't stop them.
Instead change your application so that it still works even if they go back. You can embed a unique number in a hidden field on the page and if they resubmit the same test twice you can detect it and display an appropriate error message. You should also think about what should happen if they modify the unique number.
If you don't want people to post different answers once they have already answered, all you have to do is check, in the script that accepts the test for grading, that the user has never submitted the test before. If you don't, a clever student will always be able to to circumvent your protection by sending an appropriate request directly to that script.
If you don't want people to see previous answers (for instance, if you have two people grade their tests on the same computer), consider using AJAX on the test page to submit the answers and then erase them from the fields. This way, most browsers will not remember the answers and the back button will not un-erase data that was erased by JavaScript.
At the top of the grade page, put the following:
session_start();
$_SESSION['testcomplete'] = 'yes';
Then at the top of each page of the test, put this:
session_start()
if ($_SESSION['testcomplete'] == 'yes') {
header("Location:cheater.php");
}
You could simulate there being no page to go back to. From one page, generate each test page using jQuery, and provide no way to go back, only forward. The back button would take them to the page before they ever launched the test, and you could allow them to launch the test again and generate the right part where they should be. This would be pretty easy, if you haven't gone too far in development the current way.
You could run javascript that clears out all the answers. You might also just allow one submission so that subsequent submissions don't get processed. HTTP_REFERER is usually sent, but can be spoofed and forged by an altered browser.
On the top of the script POST-ing the answers, do a check whether you have the test results in the database for the current user for this test. If you do, redirect to results.
if(get_test_results($user)){
$test_url = get_test_url($user);
header( "Location: $test_url" ) ;
}
Disabling the back button is not a good idea.
I was facing a similar problem making an online examination myself
what I did is
I provided a session variable such that if the user pastes the previous page's URL in the address bar then on loading the page the page is automatically forwards to the next desired page. Whether the page whose URL was mentioned is the being visited the first time or being revisited is determined by the value of the session variable
If the user instead of loading the page does a go back via the browser button the it automatically redirects to the next page in history as :
javascript:window.history.forward(1);
Hope this helps :)
http://www.htmlgoodies.com/tutorials/buttons/article.php/3478911/Disabling-the-Back-Button.htm you should be able to do it in javascript.
My question is it possible to display a message if browser buttons have been pressed in order to be able to display a message stating if user should leave the page or stay on a page? Also can a message be displayed if user tries to change a url if they are on a certain page?
Thanks
Server side is needed for foolproofing this. On the server, when assessment is started, you should first have start screen URL. You must program it so that once assessment is started (after clicking start), it goes to the exam URL, and your assessment is always saved - when user goes back, using server side tricks have it so that instead of showing the start screen, it redirects back to the correct page (in a way that still maintains history), shows the exam with the data still in it, and pops up the warning not to click back button. Then, if user does it again, it does the same thing, again.
You have to have it so the exam is saved all the time. unload javascript event can be used to notify via alert() that they shouldn't be leaving the exam, and thats about all. onbeforeunload event can be used to try to give them the choice to stay, but shouldn't be depended on as it doesn't work on every browser.
Use onbeforeunload as suggested in a comment. There are various example, like this one: https://web.archive.org/web/20211028110528/http://www.4guysfromrolla.com/demos/OnBeforeUnloadDemo1.htm
If you want to call out the buttons that the user must click, you will need to do some browser detection, as most browsers have OK/Cancel buttons on the window that they display, but Chrome has "Leave this page" and "Stay on this page".
My site uses a combo of sessions and get/post.
When user hits back button, it says "confirm you want to resubmit form" or a similar message, depending on the browser. Then the user has to also refresh the page.
How can I make it automatically resubmit form. I don't want users seeing this message and getting stuck when they hit back.
I have PHP + HTML
you can use get method in post method resubmit message is appear and if you want to use post method then on server page use header such as header('location:index.php') and change index page that you want.
Not answering your question, but do reconsider.
POST actions should change the state of the server. GET actions should be transparent. If you're using a POST to submit data to commit to a database or launch nuclear missiles or whatever, the resubmit warning exists for a reason: imagine your embarrassment when you launch two nuclear missiles, but was only trying to launch one.
GET actions, on the other hand, by their specification, should never meaningfully impact the world, so the resubmission is safe. If there is something the user is allowed to go back to, it's a GET page. A POST page should not be returnable-to using the back button (or rather, the user should be made aware of it).
If you have to suppress this warning, you are doing something wrong.
I have an application and the problem I have is with the back brower buttons, if the user cliks on a back browser, then it would mess things up in the application.
So I want to do either 2 things:
Solution 1: I have found a site where it shows the javascript code for disabling back buttons on all browsers. Obviously you need javascript enabled for this to work but my application won't work very well without javascript anyway so this won't be a problem (I include a warning in each page in my application stating javascript must be enabled in order to use the app)
Solution 2: IF the user does click on the back button at any time, then it will navigate the user to the safety.php page where on this page it will inform the user that they can't use the browser back button, then it will destroy all of the sessions so that the user is logged out. If they want to use the app again then they will have to login again and use the app from the beginning.
My question is that out of both solutions, which one would be better to use? My application is where a teacher creates an online assessment, creating the assessments detials (start time/ duration date etc) and creating the questions and answers for each assesment (could be single or multiple assessments)
Disabling the back button is generally poor usability practice. Your best bet is to manipulate the history object (search pushState if you're not familiar with these methods) so that hitting the back button would return them to a page outside your experience, or however you're accomplishing "Solution 2", but warn them that they are leaving the "logged in" section before they actually leave the page, so that they can choose to stay, using confirm() or a custom pop-up.
use javascript in the first place to prevent adding the location to the history list.
catch the onclick event of the proper link, and use document.location.replace("next_page.html");
so this way, when a user clicks the back button he would leave your site, rather then going back and messing up your app.
also: you can catch the unload event of the page where the user presses back button, so that you can confirm the user for exiting.