On 11/9/05, Jadeler <[EMAIL PROTECTED]> wrote: > I wanted to find out any recommendations in handling > successful payments where the user is redirected to a > receipt screen after a successful payment transaction. > Basically, I need to prevent users from resubmitting > the payment screen again via clicking on the browser > back button, etc or via other means. > > Thanks. > > Jadeler
These articles by yours truly may be a good start: http://www.theserverside.com/articles/article.tss?l=RedirectAfterPost http://www.theserverside.com/articles/article.tss?l=RedirectAfterPost2 Quote from the article: === cut here === Storing several identical items in the shopping basket is not a problem while a user is still shopping. It is enough to show the basket content and the quantity of each item. What is really important is to ensure that the payment is processed only once. It may look something like this: * A shopping basket is created, the unique basket ID is assigned to the basket. * If a user clicks on Back button after adding an item to the basket, browser reloads up-to-date basket information from the server and shows to the user that the item is already in the basket. It is up to the user to add another identical item. * When the basket is submitted, its content is sent to a purchasing subsystem; the basket is invalidated; its transaction number is saved in history table if needed and destroyed from application context. The user is redirected to success page. * When a user clicks Back button after purchase was made, browser attempts to load the basket and fails because the basket, its ID and its content have already been destroyed. Browser shows error message instead of the basket. Submitting the same basket twice is impossible. * In case of caching browser or proxy a user who clicked Back button would see the same basket which was already submitted to purchasing subsystem. User's attempt to resubmit the basket would fail because basket tracking ID has been already destroyed along with the basket itself. As a courtesy for users of caching browsers the server can reply with error stating that the submitted basket does not exist any longer. === cut here === Michael. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]