| Author |
Topic |
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
 Posted - 2006-02-09 : 08:26:04
|
| hello,how do you avoid submitting the same form twice.I dont want to use a disable button in javascript.Any advice ?thanksAfrika |
|
|
jsmith8858
Dr. Cross Join
7423 Posts |
Posted - 2006-02-09 : 10:11:20
|
| Can you be a little bit more specific? |
 |
|
|
uberman
Posting Yak Master
159 Posts |
Posted - 2006-02-09 : 10:13:03
|
| You need to work out what "twice" means...Is the form only ever going to be submitted once? Or is it only once per user? Or once per user per session? etc... etc...If you don't want to use javascript and the form is being created dynamically you could add a hidden element giving the form a unique id, and only allow that unique id to be submitted once so that repeated clicking of the submit button will only result in one form entry |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-02-09 : 10:59:44
|
| Oh sorry, what i meant, was there are times the connection might be erratic, or i noticed users normally would double click the submit button.We used to use a javascript disable button, but i felt it was not good enough.Yes, we are testing a hidden field, giving it a uniqueID with each refreshed page, but i noticed, that many at times, users just hit the back button which takes them back to the page with the hidden field. So......If a hidden field is used, it wont work here.I also set the web page to "NO CACHE" off, which auto refreshes the page, but this doesnt work well in mozzilla.any advice ?Thanks |
|
|
|
jsmith8858
Dr. Cross Join
7423 Posts |
Posted - 2006-02-09 : 11:02:50
|
| yes -- that is why you use the hidden field. If they hit back, and the hidden field has the same value as before, when they hit submit the second time, your app will know that they already submitted if you keep track of that at the server. Then you know that you should not re-process the request. |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-02-09 : 11:11:20
|
| We have thought of a hidden field, but the only down side is when a users hits the back button, it would be the same value. In IE the "no cache off" works well. Which makes it excellent but firefox does not.I guess we will stick to this, for now. |
|
|
|
jsmith8858
Dr. Cross Join
7423 Posts |
Posted - 2006-02-09 : 12:05:32
|
| >>but the only down side is when a users hits the back button, it would be the same valueI don't understand .. don't you want it to be the same value? If it is the same value, as I mentioned, then you will know that the form has already been submitted, so you can avoid processing it twice. If pressing BACK gives you a NEW value (which for some reason you seem to be indicating that you want), then the user will be able to hit BACK all day long and keep submitting the form over and over. Which I thought you didn't want. |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2006-02-09 : 14:12:16
|
| Taking an example from our code: We have a Basket that users can Checkout and Buy. When they press the final "Buy" button we obviously only want to debit their credit card once.So as part of that process we update the "Status" on the basket to "Checking out". And double-click action will fail, because the status is no longer "Basket" but now "Checking out".For other scenarios we put an "Edit Number" on the form (in a hidden field). All our tables have an Edit Number column which is incremented whenever a record is changed. (Similar to a TIMESTAMP datatype column, but without being Binary!). The EditNumber has to match, as well as the Primary key Fields, for the update to be successful. This also protects against another user, or the same user in a different Window, editing the same record.Kristen |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-02-10 : 06:39:33
|
quote:
Originally posted by jsmith8858
>>but the only down side is when a users hits the back button, it would be the same valueI don't understand .. don't you want it to be the same value? If it is the same value, as I mentioned, then you will know that the form has already been submitted, so you can avoid processing it twice. If pressing BACK gives you a NEW value (which for some reason you seem to be indicating that you want), then the user will be able to hit BACK all day long and keep submitting the form over and over. Which I thought you didn't want.
Its quite tricky, both sides have their pros and cons, Am looking at Kristen's method here, This might just be the solution, to add a timestamp and a status value as well.I would test these. Guess they should work.Afrika |
|
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2006-02-10 : 10:18:06
|
ok i got to ask... why don't you want to use the javascripts disable button?Go with the flow & have fun! Else fight the flow  |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-02-10 : 12:29:16
|
Few reasons:1. If the link for any reason is erratic2. A couple of novice users complain3. Look at other options for a change, make the site more secure4. have full control of the transaction. With Java script disable button, you are at the mercy of the javascript function. I have heard of disabling javascript in your browser, (though i have never) but its an optionTo be more concise, its an web2phone sms portal, sends sms to cell phones. However, we had a case of a bulk blast of about 400sms messages, which were sent repeatedly 4 times, (this was in the past) The browser used was mozilla, and the person, claimed to send it only once.So am guessing the submit button was clicked 4times, this is not good  There are a few other areas, we would not want to take such risksAfrika |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2006-02-10 : 13:18:56
|
"why don't you want to use the javascripts disable button?"Biggest issue for me would be the user that presses Back, or DoubleClick [faster than JavaScript can disabled it!], or gets it out of Favourites, or some RightClick SaveAs or whatever - which would then be without the Disabled Button  The page might be marked as Expired or somesuch to prevent them re-using it, but even so its nice to know that the application won't, under any circumstances, allow the data to be resubmitted.Kristen |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-02-10 : 16:18:17
|
>>Disable buttonI personally dont think its the right way to go  Simply, because there are ways around beating it.quote:
...but even so its nice to know that the application won't, under any circumstances, allow the data to be resubmitted.
Yes !!! |
|
|
|
|
Avoid submitting the same form twice