Estimated reading: 3 minutes 418 views

PHP Post–Redirect–Get (PRG) – Prevent Duplicate Form Submissions

Implement the PRG pattern in PHP to enhance UX and avoid form resubmission on page refresh.

Introduction – Why PRG Matters in PHP Forms

If a user submits a form and then refreshes the page, most browsers will warn that resubmitting the form could lead to duplicate entries. This happens when a form submitted via POST is re-sent on refresh. The Post–Redirect–Get (PRG) pattern is a proven solution to this common problem.

In this guide, you’ll learn:

What PRG is and why it’s useful
How to implement PRG in PHP
How PRG improves UX and data consistency
Best practices for using PRG in form handling

PHP Post–Redirect–Get (PRG)

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Process form data here
    header("Location: thank-you.php");
    exit;
}

PRG prevents form resubmission if the user refreshes the page after a POST request.
Use header("Location: ...") after processing and before outputting anything.

How PRG Works – Step-by-Step

POST: User submits a form → PHP processes the data
Redirect: PHP sends a Location: header to a new page (GET request)
GET: User lands on a new URL with a fresh state (no form data)

PRG Implementation Example

Form Page (`form.php`)

<form action="form.php" method="post">
  <input name="username">
  <input type="submit" value="Submit">
</form>

PRG Logic (`form.php`)

session_start();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $_SESSION['flash'] = "Form submitted successfully!";
    header("Location: form.php");
    exit;
}

if (isset($_SESSION['flash'])) {
    echo "<p>" . $_SESSION['flash'] . "</p>";
    unset($_SESSION['flash']);
}

This pattern:

Processes the form
Redirects the user
Displays a one-time flash message

Why Use PRG?

Benefit	Description
Prevents duplicate submissions	No repeat insertions if the user refreshes the page
Clean URL behavior	Ends on a `GET` request with no visible POST data
Allows flash messaging	Temporarily store success/failure messages in session

Common Mistakes to Avoid

Echoing output before calling header("Location:")
Not calling exit after redirect — it can cause unexpected behavior
Forgetting to unset session flash messages after displaying

Summary – Recap & Next Steps

The PRG pattern is a best practice in PHP development, especially for handling form submissions. It enhances UX, prevents duplicate data, and enables flash messages for better user feedback.

Key Takeaways:

PRG = Post → Redirect → Get
Use it to prevent form resubmission on refresh
Combine with sessions for one-time flash messages
Always call exit after header("Location:")

Real-World Use Cases:
User registration, contact forms, checkout flows, login redirects, profile updates

Frequently Asked Questions (FAQs)

What does PRG stand for in PHP?
Post–Redirect–Get. It’s a design pattern used to prevent duplicate form submissions.

Why use header("Location: ...") after POST?
It sends the browser to a new page, clearing POST data from memory to prevent re-submission.

Do I need to call exit after redirect?
Yes. To stop PHP from continuing script execution after the header is sent.

Can I use PRG with flash messages?
Absolutely. Store temporary messages in $_SESSION and display them after redirect.

Is PRG useful for AJAX forms?
Not directly. PRG is for traditional page-based forms. Use JSON response handling for AJAX.

« Previous Next »

Share Now :