In addition to the "middle-man" method listed by John (which I use on every
form), I sometimes use this, which in most cases prevents people clicking
back and hitting submit again (which may or may not be part of your

When you generate an instance of the form (blank), generate a random, unique
string in a hidden field.

Insert this string into the database with the rest of the form contents.

All you have to do is check that the the unique string doesn't already exist
in the DB befor inserting, preventing multiple submits in MOST cases.

The side-effect is that:

1. it will piss off people who WANT to insert multiple, similar posts (I'm
thinking of a car salesman entering in 5 slightly different cars, all of
them Ford Mustangs for example), in which case they'd want to click back,
change a few details, and click submit again.  In this case you'd be better
off using the registration number, body number or engine number as the
unique key, rather than generating one.

2. people can still screw with you by generating their own form with their
own unique ids, and submitting.

3. people can still screw you by entering the same information twice (still
a version of multiple submit), by refreshing the form or whatever.

Justin French

on 27/09/02 9:16 AM, Bob Irwin ([EMAIL PROTECTED]) wrote:

> You could also do a simple data check against your database to make sure
> that the same information isn't posted by the same person in a certain time
> period.
> More complicated, but works well and doesn't rely on browser refresh or php
> headers - both of which can occasionally run into problems.
> Best Regards
> Bob Irwin
> Server Admin & Web Programmer
> Planet Netcom
> ----- Original Message -----
> From: "John Holmes" <[EMAIL PROTECTED]>
> To: "'Clemson Chan'" <[EMAIL PROTECTED]>; "'Php'"
> Sent: Friday, September 27, 2002 9:13 AM
> Subject: RE: [PHP] I don't want multiple form submitted
>>> I have a message board written in PHP w/MySQL.
>>> So when a person submitting a post, it goes to a list_view.
>>> If this person refresh the list_view.
>>> The message he submitted will get submitted again.
>>> How can I avoid this problem?
>>> Please let me know if you know the answer. Thanks
>> This question is asked every week, it seems. Best method is to use a
>> "middle-man". Use a middle page that processes the new post, then
>> redirects the user to the next page. You can use a PHP header()
>> solution, or a javascript META-REFRESH method.
>> ---John Holmes...
>> --
>> PHP General Mailing List (
>> To unsubscribe, visit:
>> Scanned by PeNiCillin
>> Scanned by PeNiCillin

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to