Juergen

Template caching and deactivating post and get variables - How to?

Recommended Posts

Hello @ all,

I have a page with a contact form, which is cached. After submitting the form the cache is active.  I use the template cache. There is the possibility to add deactivating cache disabling post and get variables.

So I have included a hidden field in the template:

<input type='hidden' id='aftersub' name='aftersub' value='1'/>

Then I added the hidden field to the post fields of the template cache tab, but the template cache will not be disabled after submission.

I am not a PHP-pro, so can anyone tell me how to use the cache disabling variables correctly?

Thanks in advance

Share this post


Link to post
Share on other sites

The field is hidden. I think this could be the problem because all none hidden data will be submitted, but the value of the hiddenfield not.

Share this post


Link to post
Share on other sites

Why would a hidden field not be submitted? Keep in mind that the caching does work on post/get data in the http request, so it does need to be submitted. 

Share this post


Link to post
Share on other sites

Anyway it doesnt work at all. I leave the page uncached. Thanks for your efforts.

Share this post


Link to post
Share on other sites

Do those fields get submitted if you deactivate cache entirely?

Share this post


Link to post
Share on other sites

What exactly is the problem?

If you may do a redirect after form processing, the post var is lost.

  • Like 1

Share this post


Link to post
Share on other sites

What exactly is the problem?

If you may do a redirect after form processing, the post var is lost.

Ok, this causes the problem. I use a redirect to the same page after there are no errors to prevent double form submission. After the redirect only the success message will be shown, but this only works if the cache is disabled. In my case I see the (empty) contact form again without the success message, because the page will be reloaded from the cache. This is the problem.

Share this post


Link to post
Share on other sites
$session->redirect('./?nocache=1', false);

Add that GET variable in your cache settings.

Alternatively use one time csrf tokens for double submit prevention:

// For your form
$name = $session->CSRF->getgetTokenName('contact');
$value = $session->CSRF->getSingleUseToken('contact');

// On submission, will throw after the first validation
try{
  $session->CSRF->validate('contact');
} catch (WireCSRFException $e) {
  // Double or invalid submit
}
  • Like 2

Share this post


Link to post
Share on other sites

CSRF doesn't work with a cached form.

The PRG post rdirect get is the best design pattern to prevent double submission in case of a refresh or going back in browser.

  • Like 1

Share this post


Link to post
Share on other sites

Thanks for your hints. I will leave the page uncached so I can use CSRF. The page loads quite fast so its not really necessary to use a cache.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.