How To Prevent Multiple Submission?

[Guest_imported]

1)Okay I'm working on a guestbook script which lets the users to leave their comment.
I have used two functions in the script:

guestbook.php?function=addcomment
guestbook.php?function=submit

Basically addcomment() function is to show the html form whereas submit() performs the routines
such as form field validation and stores the commments into database.

My question is: supposed when the user finished filling the comments form and clicked on the submit button,
the url will then became guestbook.php?function=submit right? At this point if he/she refreshed the page,
the same data will be submited over and over again since the script continued looping the submit() function.As the result,
the database will be trashed. Is there anyway to prevent this?

2)Meantime, I'm using session on my site as well.Everytime when I click on the 'back' button on the brower I get the following message: WARNING: PAGE HAS EXPIRED/DATA MISSING. Why?

Something you might want to notice:

I'm not the owner of the server, I just put my site for free hosting.
I've tried to use GET method instead, but it doesn't seem to be a good idea since sensitive info such as username and password will be exposed on the address bar in the browser.Any idea?Solutions and helps are much appreciated. Thank you.

 

[AnakinPt]

in this case, you should use POST as method of the form. When the user do a refresh, he get's a warning, saying that the contents of the page have expired, and asks him if he wants to refresh the page.

Ways to prevent this, only some coding, like you save the session_id in the table, and when someone tries to insert some row in that table (you check text or title vs session_id), if they already exists in the table, just say to the user that, that was a refresh and so the comment wasn't added. This is an over the knee solution. Probably isn't the best, but it's a way.
Anikin
Hugo Alexandre Dias
Web-Programmer
anikin_jedi@hotmail.com

 

[BB101]

I always disregard the back and forward buttons on the browser, if you use them, your asking for trouble!

With regards to your submit button, in IE, you can always use a bit of inline javascript on it to disable onclick

<input type=submit name=ACT value='Go!' onClick='this.disabled = true;'>

I think its that, but you get the idea --BB

 

[Bastien]

hi

you are getting the page expired warning probably because you have set the cache to no-cache.

another way to prevent double submission is to create a serverside session variable (&quot;$submitted&quot and set it to 1 when the user submits the first time. if the page is called again when the user clicks or refreshes the page have the code check if the variable is set, if yes then write a message saying &quot;previously submitted&quot;. If not then allow the submission

<? session_start();
session_register('submitted');
if ($submitted==1){
echo &quot;Previously submitted. click here to go to next page&quot;;
}else{
//code to pass data to DB
//code to set submmitted value to 1
$submitted=1;
}
?>

hth
Bastien

There are many ways to skin this cat,
but it still tastes like chicken