Solved

Problems With Submit Button

Posted on 1997-11-06
3
202 Views
Last Modified: 2013-12-25
Our website is made up of mostly perl scripts which are accessing a database.  We have a problem that somebody could kill our web server by just keep clicking the submit button.  The perl scripts are very big taking about 5megs per click so if someone kept clicking the submit button lots of 5meg processes would be created making our server grind to a halt.  Is there anyting we can do to stop people making more than one click on the submit button.

Thanks Vimal
0
Comment
Question by:vimal110697
  • 2
3 Comments
 
LVL 6

Accepted Solution

by:
Holger101497 earned 50 total points
ID: 1855445
well... obviously you cannot prevent them from clicking the button several times (in plain HTML) - you can only limit the "unhealthy effects".

1] If you are willing to use JavaScript, there's a very simple script that will only allow one submit every x seconds (and change the button to "please wait" instead of "Submit")- I'll post it if you like the idea.
2] If you want the solution to work everywhere, you need something on the server-side, e.g. send a new page "please wait while server processes request" as soon as the user clicks the button and then the "real" results when you're done
3] or you log the IP-addresses of the requests and only allow one query every x seconds.

I think JS is the only solution to prevent the user from submitting several times while the page is displayed, 2) is the solution to prevent clicking and 3) is server-side only. 2 might not work for VERY impatient users ;-)

I hope that helps, let me know if you have more questions...
0
 

Author Comment

by:vimal110697
ID: 1855446
Hi !

Yes I would like it if you could post me the javascript code to do that thing to the submit button.  But also I do not quite understand the second option you suggested, how exactly do you mean this to work because this sounds a good idea.

Thanks

Vimal....
0
 
LVL 6

Expert Comment

by:Holger101497
ID: 1855447
Try this code and tell me if you like it ;-) Ready for Cut&Copy:

<HTML>
  <HEAD><TITLE>Test limited submits</TITLE></HEAD>
<script language="JavaScript">
  LastSubmit=new Date(0);
  function CheckSubmit() {
    ThisSubmit=new Date();
    Diff=ThisSubmit-LastSubmit; // how long ago?
    if (Diff<15000) {
      alert('Please be patient. The server is handling your request!');
      return false;            // block submit after less than 15 seconds !
    }
    LastSubmit=ThisSubmit;     // remember when it was
    win=window.open("","outputwin","height=140,width=220,top=300,left=400");win.focus();
    document.form1.elements[1].value="please wait...";
    setTimeout("document.form1.elements[1].value=' Submit Query ';win.close()",15000);
    return true;
  }
</script>

<BODY>
  <script>
    if (location.search) {
      document.writeln("The text you submitted was: "+location.search);
      document.writeln("<BR><FONT COLOR=red>Please wait while the server handles your request...</FONT>");
    }
  </script>
  <BR><BR><BR><BR><BR><BR>
  <FORM NAME=form1 onsubmit="return CheckSubmit()" TARGET="outputwin">
    <INPUT NAME=TESTTEXT TYPE=TEXT>
    <INPUT TYPE=SUBMIT>
  </FORM>
</BODY>

This is also psychologically effective *g* - users like to see things happen right away (whether you actually open a window or just change the button doesn't matter so much - for the demo this was nicer). Change the 15 to whatever you like.

About 2] I know that it can be done but don't have the implementation at the moment. I'll try to find out because I know people who know ;-) -> what it comes down to is: WHY does your user have enough time to click the button several times? Your script should return a new page so he/she has no chance to click again...

Good luck with this one! (tested in Netscape 3&4 - IE3 does not support the nice window-functions and form-submits to page itself, for "real-life", that's not so crucial; IE4 is on a different harddisk)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
API Soap Calls 4 85
archiving old posts 9 41
comparing strings that contain line breaks 18 51
Creating a dynamic URL  - link to results on Airbnb availability for tomorrow 7 24
Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now