Search code examples
phpcurldoublesubmission

A PHP script that calls a REST API to create issues in a ticket system should only be called once


I have a rather specific problem.

I'm writing an app for the employee registration process in our company. Over the course of several forms, data about the requirements for the new employee is collected and entered into a MySQL database.

In the last step, one PHP script takes those pieces of information and creates multiple Tickets in our JIRA ticketsystem (via REST API) via cURL.

The webpage that does the cURL calls, also renders the result afterwards, i.e. links to the created tickets. If someone clicks a link, and then decides to press the "back" button of their browser, the whole script will run again.

How do I prevent this efficiently? I already have some ideas, but none of them seem really appropriate:
- Create even more info in database, i.e. status of each ticket, and then query this before deciding to run the cURL calls.
- Don't allow reaching the script by pressing the back button, via JS (actually this idea is complete rubbish, but I'll leave it here anyway.)
- Don't allow the user to call the script, but rather make the form send an email to me, that the information has been entered, so that I can run the script myself. Everytime...

I beg your pardon for this is not an "exact" question, but more about best practice. Though in my humble opinion, that's what forums are needed for, and not for things that you can read up in any documentation.

Greetings


Solution

  • Just an idea - using a session variable to ensure the curl request happens only once - you could alternatively ( or in conjunction with sessions ) store a boolean in the db against their name / user id to indicate they have completed the process.

    <?php
        if( !isset( $_SESSION['curl_ticket'] ) ){
            /* do the curl request */
    
            /* get response from request */
    
            /* set the session */
            $_SESSION['curl_ticket']=$some_id;
        }
    
    
        if( isset( $_SESSION['curl_ticket'] ) ){
            /* display ticket */    
        }
    ?>