Back button resubmitting

Peter B

When building a webpage, how do I make it impossible for someone to not submit a form twice buy just pressing the back button and submit again.

I am using PHP.

Adam

Some script would be helpful to give an example, but basically if you set a clause somewhere in the script such that if a database entry already exists then the script shouldn't enter a new one, if you get me?

Gosh

In your PHP script that creates the page with the form on generate a random string and assign this to a session variable, put this into a hidden field on the page. In the script that processes the form check that the hidden value is the same as the session variable and then change it - if not the same then reject the form.

Peter B

Thank you so much for the help guys.

I think I will go with the session storing a random integer option.

What I have is a webpage that asks for input from the user.

1) Chose Car Page
Logged in user choses a make and type of car from my pre selected menu.
At this point I will store a random integer in the session

2) Insert details Page
The data about the car is then posted to a insert details page. This displays all the details chosen (Posted) from the previous page and asks the user for their comment, description, price etc.
Again I post the information from Page number 1 about the car information and the new details which have been entered in this page

3) Confirmation Page
I display all in information inserted by the user and ask user to verify all information is correct.
I post all information relevant to the ad here while keeping the random number in my session.

4) Storing page
I submit all information to a store.php file which first checks does the user have enough credits to display ad and then check if the random string has not been posted in the last 24 hours in another ad. I also check a random number has been created and is stored in session. On submitting the information into the database I unset() the random number variable in the session. This then forwards to the users main page with the updated information.

The problem I was having before I inserted a random number was that if someone pressed back having completed all four steps it would duplicate the ad and reduce the number of credits the user has already.

I think this solution should prevent duplicating ads. Ant thoughts?

I hope this isn't too difficult to understand. Thanks

Adam

No thoughts really, that all seems like sound programming! Should have known Gosh would have a better idea though!

One thing I would try and do is work that all into just two scripts at most, if not one, rather than four seperate ones, its pretty simple using the if() else functions, and cuts down on the number of scripts rather than having one script for every little thing, just some food for thought there!

akari no ryu

What we did when we wanted to do this is have all of the links set to call a function

<script language="JavaScript">
 function openPage(somePage){
    location.replace(somePage);
 }
</script>

This sets the new page to the current position in the history.
Doesn't work too well with forms unless you're using AJAX, as far as I recall.