On 24.08.2011 21:38, Mike Mackintosh wrote:
On Aug 24, 2011, at 11:52, John Black<s...@network-technologies.org>  wrote:
On 08/24/2011 03:04 AM, Jason Pruim wrote:
Wondering what everyone does to prevent multiple form submissions?
My form is simply getting emailed to my email, and it redirects to a success 
page when submitted...
Would it be as simple as doing something with the cache control? Basically I'm 
trying to avoid someone submitting a form... Then hitting back, and submitting 
again, then hitting back.... I think you get the idea...
What do you all do?
Jason Pruim
I am using $_SESSION for this. Set a value on the initial page, a timestamp is 
a good choice, then validate the value on the receiving script and clear the 
I like to use a timestamp because it will allow you to deny a comment which 
took too long to submit.
I've always tended to stay away from session for that, as when the browser 
closes/restarts, the page is accessible again.

True, a SESSION can be reset by closing the browser but I am not trying to deny a user from submitting different information again. I want to prevent them from submitting the same data again by accident (back button or refresh).

A visitor, enters on the form UI page, the session is set, user submits and the form will reset the value in session to null or destroy it.

If the visitor attempts to resubmit by using refresh then it will fail because session does not contain an expected value anymore. That value is generated on the UI page.

If the user goes back with the back button then the browser should display the page from cache. The script will not be called and it will not create a new session value. If the browser does not use the cache it will have to reload the form. This will create a new session value and an empty form so the user may type a new message. This is like attempting to submit a new message and is something I don't block.

I do it this way because I don't want to prevent a visitor to submit new information and I don't think that the original question wanted that.

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to