Solved

Preventing multiple form submissions.

Posted on 2004-08-15
4
375 Views
Last Modified: 2008-03-10
Hello everyone,

I am just curious can be done to prevent a client from jamming away on a submit button on a webform?

I have been googling away for a few alternatives but most articles and suggestions I have found involve javascript. Such as http://dotnetjunkies.com/WebLog/mjordan/archive/2004/02/17/7393.aspx. Although this is a terrific solution, it doesn't prevent anyone from being a shyster and disabling javascript and abusing a webform. This can especially be a pain when the form submission involves inserting into a DB. The result being multiple rows inserted.

So there has be some sort of server side solution where if javascript is disabled the multiple form submissions can be ignored or prevented.

My current idea is to forward the form submission to a page (after the webform is validated) that indicates the task is processing. But surely there have to be some other solutions. And I am curious about what other solutions there are out there for this situation.

Thanks
0
Comment
Question by:sboux
  • 2
4 Comments
 
LVL 37

Accepted Solution

by:
gregoryyoung earned 250 total points
ID: 11806071
this is one method http://aspzone.com/articles/207.aspx

are you referring to the specific question of someone clicking back and then submitting again ? put a GUID in the querystring/hidden variable/viewstate/whatever and validate with an expected guid saved in session ... when you save, make a new expected guid on the server side ... if they hit back the guids wont match up..

0
 
LVL 9

Assisted Solution

by:glsac
glsac earned 250 total points
ID: 11806733
0
 
LVL 37

Expert Comment

by:gregoryyoung
ID: 11806899
thats the same logic I posted .... (test)  http://aspzone.com/samples/oneclickbutton.aspx download http://aspzone.com/uploads/oneclickbutton.zip

neither of them handle the back button though (which atleast in my development has been a major issue due to peoples dumpy internet connections etc i.e. they get a this page cannot be displayed error)

0
 

Author Comment

by:sboux
ID: 11812633
Thanks for your help guys.

I tried the http://metabuilders.com/Tools/OneClick.aspx webcontrol.  And it did (usually) prevent multiple form submissions.  Although I would get a strange behaviour where if the button was pressed more than once.  It would perform the task I wanted performed once but refused to forward to a page after the process was complete.  It would just sit on the page the form was submitted from.  Submit could then be pressed again and viola 2 database inserts.  In fact when I stepped through the code the Server.Transfer("Foo.aspx") line of code would execute but yet it did nothing to the web application.

Gregory, when I added the GUID validation to the page it fixed the problem above.  Now if the client hits submit more than once the task I need inserts to the database only once the GUID changes after the second button click and then the client is forwarded to a page saying their request has already been processed blah blah blah you hit submit more than once.  Also the GUID validation prevents them from hitting back and re-submitting the form.

Thanks again,   I am suprised there isn't a better system in place to handle the "javascript disabled" people in this scenario.  What a pain it would be if someone wanted to be malicious and fill up a database with bunk data.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Calling stored proc in EDMX 11 23
SQL best practice question 3 36
ASP.NET Web API or ASP.NET Core MVC? 3 51
What .NET URL re-routing tool did I use? 2 31
I have developed many web applications with asp & asp.net and to add and use a dropdownlist was always a very simple task, but with the new asp.net, setting the value is a bit tricky and its not similar to the old traditional method. So in this a…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now