Double posting a form
Moderator: General Moderators
- shiznatix
- DevNet Master
- Posts: 2745
- Joined: Tue Dec 28, 2004 5:57 pm
- Location: Tallinn, Estonia
- Contact:
Double posting a form
This has probably been discussed and whatnot but my searches yielded nothing...
how do you keep a user from double posting an html form? Something like keeping it from re-adding stuff to the database when a form is submitted.
how do you keep a user from double posting an html form? Something like keeping it from re-adding stuff to the database when a form is submitted.
- shiznatix
- DevNet Master
- Posts: 2745
- Joined: Tue Dec 28, 2004 5:57 pm
- Location: Tallinn, Estonia
- Contact:
No javascript. If the user has it turned off then it won't work 
...
maybe use a captcha on every form and if they entered the correct stuff then have it unset the session with the saved captcha info so if they re-submit it will fail the captcha requirements? Is there a better way?
the select won't work because there can be duplicates. the time delay is clever but if the user just refreshes the page after like 10 minutes it will double post it. i don't understand the create keys thing though, what do you mean?Jenk wrote:The options (that I can think of):
"select" checking for identical postings.
Time delay (e.g. this forum)
Create key's with duplicates disallowed, so upon insertion it fails, handle error appropriately.
...
maybe use a captcha on every form and if they entered the correct stuff then have it unset the session with the saved captcha info so if they re-submit it will fail the captcha requirements? Is there a better way?
By select, I mean literally 'select where columns = <what ever the user is trying to post>' and
The key's option is to create unique keys based on certain aspects, such as content and user id.
so if I try to query: more than once, it will cry and spit an error. Swap `a` for User ID (or name) and `b` for Post Content, or other unique info.

Code: Select all
if (mysql_num_rows() > 0) die ('duplicate post!');Code: Select all
CREATE TABLE `test` (
`a` VARCHAR(20),
`b` VARCHAR(20)
)
UNIQUE `ab` (`a`,`b`);Code: Select all
INSERT INTO `test` (`a`,`b`) VALUES ('a', 'b');- ronverdonk
- Forum Commoner
- Posts: 34
- Joined: Sat Jun 10, 2006 7:06 am
- Location: Netherlands
Only one thing left for you
If you don't want to use JavaScript (good idea!) and captcha's, you can solve this by using the 'transaction' method.
Thereby the first request stores a unique transaction id in the page being processed. That way, when the second request comes in with the same id, the redundant transaction is denied. This setup uses MySQL.
I have this solution from the 'PHP Hacks' book from OReilly, works great.
According to the book's preface I can quote the samples, but the code is too much to post here. So, if you want these samples, drop me a note and I'll send it offline via email.
Thereby the first request stores a unique transaction id in the page being processed. That way, when the second request comes in with the same id, the redundant transaction is denied. This setup uses MySQL.
I have this solution from the 'PHP Hacks' book from OReilly, works great.
According to the book's preface I can quote the samples, but the code is too much to post here. So, if you want these samples, drop me a note and I'll send it offline via email.