We have a Drupal 7 webform that redirects to a url upon successful submission.
What we need to do is redirect the user if they land on the same webform again and have already submitted.
Do we need a module for this, or do it programmatically?
Thanks in advance.
I looked through the webform module and didn't find any setting that will redirect the user if the user has already submitted a form, so I think you need to do it programmatically.
Note: It might be possible without a custom module by using the rules module. I haven't tried this.
To do it programmatically you could do something like below. It implements the hook_node_view() and checks if the user has already submitted anything by using the webform api function webform_get_submission_count(). (edit: the custom module in this example is called example_webform)
<?php
/**
* Implements hook_node_view().
*/
function example_webform_node_view($node, $view_mode, $langcode) {
global $user;
module_load_include('inc', 'webform', 'includes/webform.submissions');
$submission_count = webform_get_submission_count($node->nid, $user->uid);
if (!empty($submission_count) && $submission_count > 0) {
$redirect = $node->webform['redirect_url'];
drupal_goto($redirect);
}
}
As it is now it will reuse the page that is used when the form is submitted, so if you choose to do this remember to make the success page reflect this. (E.g. it would be strange for the success page to say "your post has been saved" if the user lands on it for the second time.) Or you could replace the $redirect with another page than the one from the webform setting.
Also note that the webform will still add the message "You have already submitted this form. View your previous submissions." if this is enabled.
So here is the solution that we ended up going with.
I saved the webform and made it available as a block
I created a page to hold the webform
I configured the block to appear above the page content
In the page content I put in some javascript to detect if the form element was present - if not forward to the correct url
So the webform redirects correctly upon submission(set in the webform settings), and it then redirects if the user lands back on that page and has completed the webform.
Related
We would like to keep the ideas we have previously presented to (non logged in) clients, but which are no longer "current". We set them to being private WP posts, so that they are no longer available to non logged in users. However, we would like to redirect anyone who clicks on that original link to a page which shows all of the currently active ideas instead.
Research led me to the solution below, but in our case we need to redirect to a specific url in each case. Our theme (the amazing Total theme from WP Explorer/AJ) does have a field for the redirect url to be entered at post level, but actually the value of the url is determined by the value of a custom taxonomy on a post ie all posts with that Taxonomy should redirect to the same url in all cases.
add_action('template_redirect', 'your_theme_private_posts_redirect', 99);
function your_theme_private_posts_redirect()
{
if (is_single() && 'private' == get_post_status(get_the_ID())) {
wp_safe_redirect(home_url());
exit();
}
}
Credit https://stackoverflow.com/questions/68954429/wordpress-how-to-redirect-private-custom-post-types
I understand that the above code would redirect all private posts to the home url, but how can I adapt it to do the following:
a) Only to apply to non logged in users and b)to set the url to be the value held in the redirect field on the post OR (better still) a custom field on the agency_artist custom taxonomy for that post. Hoping someone can help!
This question already has answers here:
Prevent user from seeing previously visited secured page after logout
(7 answers)
Closed 6 years ago.
I have a JSP page with a form where you fill up certain details. On submitting the form i call a servlet which then updates details in a database after that i redirect to a page i display a confirmation message to the user.
The problem i have here is when the user clicks back he goes to the form page again where if he clicks a submit button, it creates a new record in the database.
Consider this similar to a shopping cart example where in this case he would buy the same item twice. But the only problem here is i cannot handle this in backend, i.e. the database can never know a redundant operation is taking place.
I need to handle this from the client side.Bit weird but i have to do it this way.
Basically when the user clicks the back button i don't want him to be able to go to the form page and may be just to some other page.
This is a typical HTML form issue, you can solve it through any one of following methods
1) Server side (page expiration): Since you've mentioned that the page refreshes and goes to the confirmation. You can set no-cache and add a page expiration time as -1 to the page you have that form.
So that when user presses the back button, he will see that the page has expired. He will be forced to load the page freshly. This is the behavior that I see in most banking websites.
Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
2) Using turn Key method: When the form loads, you can generate a random key in session memory and also embed it as a hidden value in the page.
During form submission, check the submitted hidden key against the value in session. If exists, then add the entry to database otherwise you can reload the page with a fresh key for the user (who might have done that unintentionally).
In load balanced or web farms, consider persisting the turn key in Database against the current user.
3) Client Side (Not recommended) : You can restrict the user from using the browser back button by removing the page from the history. (One side effect is that it will remove the entire history for that browser tab/window)
history.pushState(null, null, document.title);
window.addEventListener('popstate', function () {
history.pushState(null, null, document.title);
});
If you need the same support for older browsers where push and pop states are not supported, you can use following snippet.
<script>
function preventBack() {
window.history.forward();
}
setTimeout("preventBack()", 0);
window.onunload = function() {
null
};
</script>
Before redirecting to the JSP page send these headers with the response from the controller so that the page is not stored in cache and the browser will always request a new page from the server.
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setDateHeader("Expires", 0);
So every time you go back to that page a new page will be requested from the server and will be displayed with the cleared input fields.
You could implement a PRG-Pattern (https://en.wikipedia.org/wiki/Post/Redirect/Get) using php.
Basically, after successfully submitting the form you redirect to a confirmation page which informs the user that their submission was successful/accepted/etc. and also set a variable which you can later use to check if said submission has been submitted yet.
When the user tries to reload said page or go back you can check the variable and display either the form again or the confirmation page based on if the submission has been submitted already.
I think following flow is the best:
Client submits data to server
Servlet processes it
It returns HTTP 303 redirect to client
Client redirects to success page
After this flow, refresh, back button will work properly.
For more information read Simple Post-Redirect-Get code example
I'd like to know how I can implement CSRF protection on a custom Magento front-end form (in the mage system and located under app/design/.../templates/page/' folder as a .phtml file) that POST's to another custom PHP page (not in the mage system and located at the root of the Magento folder) to handle the form post, send email, etc.
I already have the custom forms and handlers working fine. I just need to add CSRF protection to these forms and need some advice on how I can do this using Magento's built in CSRF keys. I fully understand how to add the keys to the forms .phtml pages, but I am not sure how to use the _validateFormKey() function in the form handler's php page (since it is not in the mage system).
I am asking if this is possible as I do not want to have to create a custom module with front-end page to handle the task since the forms .phtml and handler pages are already setup and working (without CSRF). And yes, I have already looked at this post: Magento CSRF protection.
Once Magento application has been initialized you should be able to access Magento request and session objects and validate the form key in your PHP script:
$requestFormKey = Mage::app()->getRequest()->getParam('form_key');
$sessionFormKey = Mage::getSingleton('core/session')->getFormKey();
if ($requestFormKey == $sessionFormKey) {
//go
}
I am showing quick create view of a custom Module Payment on a Button Click in the detail View of Accounts via DC menu load view in SugarCRM.
what i want is when i save values on clicking the save button for the QuickCreate View, i want to redirect the user to the newly created record.
In the after save logic hook for the payments module i have tries all these
1) Used JavaScript window.location.href for redirection
2) SugarApplication::redirect();
3) Changed values of $_POST['return_module'], $_POST['return_action'] and $_POST['return_id']
Yet after applying all of the Above in a correct way the page does not redirect. I am using AJAX UI for the Accounts Module.
If you use this customization http://support.sugarcrm.com/04_Find_Answers/03_Developers/100Customization/Modifying_Subpanel_Action_Buttons to redirect your user on full form instead of quick create, your code describe above should probably works.
I had found a workaround which is obviously not upgrade safe but does the trick.
what i did is created a logic hook on after_save for the CustomModule and indexed it to a bigger number like
$hook_array['after_save'][] = array(20,
In that hook after my custom logic finished i checked for the AJAX Call and finished the process like this
if($_REQUEST['is_ajax_call'] == 1)
{
echo '{"status":"redirect","url":"index.php?module=lev_payment_schedules&action=DetailView&record='.$bean->id.'&CreatePayment=true"}';
die();
}
Now in the DCMenu.js file located at
jssource\src_files\include\DashletContainer\Containers\DCMenu.js
i added a condition for the output i just echoed above.
In DCMenu.save function just in the switch ( returnData.status ) Block i added my custom case condition as
case 'redirect':
ajaxStatus.flashStatus(SUGAR.language.get('app_strings','LBL_SAVED'),2000);
window.location.href = returnData.url;
break;
This did the trick for me and the browser was redirected to the URL that i had supplied. i hope this helps someone.
When I click on a submit button i want the page to redirect to the following page?
header('Location: /pdp/policy-info.phtml');
I wrote the above code in the controller code but I am not able to redirect to the above page. it stays on the same page.
the filename is called policy-info.phtml in the view.
Also once I redirect, would I be able access my form values through $_POST?
Or is there an alternative.
ok it sounds to me like you may be missing a few concepts:
You will never redirect to a phtml file. (unless you have written some custom rewrite/route rules) Zend uses the MVC architecture, urls exist in this fashion: /module/controller/view/key1/value1/keyx/valuex/
generally zend urls don't terminate with file extensions. Also you will never directly call a view file from your browser.
In your form tag, you specify where the form submits to with the action attribute. For your url i'm assuming the pdp controller and policy-info action
action="/pdp/policy-info/"
If you want to redirect after a form submit from with your controller you would use:
$this->_redirect('/pdp/policy-info/');
# maybe you want to execute some code and then execute
# additional code in another controller without re-bootstrapping
$this->_forward('policy-info', 'pdp');
http://framework.zend.com/manual/en/zend.controller.action.html#zend.controller.action.utilmethods
If you redirect you will not have access to your POST unless you saved those values elsewhere (like in your session). If you forward, I believe the values will still be available in the second action.
actually there maybe a few ways to do what you want to do. I haven't tried this first method yet but it should work.
Render a new veiw script from your controller/action if isPost():
public function myAction(){
$form = My_Form();
$this->view->form = $form;
//if form is posted and submit = Submit
if ($this_request->isPost() && $this_request->getPost()->submit == 'Submit') {
if ($form->isValid($this->_request->getPost()) {
//this is where you want to capture form data
$data = $form->getValues();
//render a new viewscript or _forward to a new action and perform your processing there.
$this->render('path to phtml file');
//if user needs to press a button to accept submit = accept
...do some more stuff...
}
}
}
I think this or some variation will work.Note: I don't think _forward resets the request object, so your $_POST data should not be affected.
Also if this policy-info does not require additional input from the user and is just informational you could easily just _forward('action') to a blank action and the router will display the view script.