Solved

Preventing multiple form submissions.

Posted on 2004-08-15
4
379 Views
Last Modified: 2008-03-10
Hello everyone,

I am just curious can be done to prevent a client from jamming away on a submit button on a webform?

I have been googling away for a few alternatives but most articles and suggestions I have found involve javascript. Such as http://dotnetjunkies.com/WebLog/mjordan/archive/2004/02/17/7393.aspx. Although this is a terrific solution, it doesn't prevent anyone from being a shyster and disabling javascript and abusing a webform. This can especially be a pain when the form submission involves inserting into a DB. The result being multiple rows inserted.

So there has be some sort of server side solution where if javascript is disabled the multiple form submissions can be ignored or prevented.

My current idea is to forward the form submission to a page (after the webform is validated) that indicates the task is processing. But surely there have to be some other solutions. And I am curious about what other solutions there are out there for this situation.

Thanks
0
Comment
Question by:sboux
  • 2
4 Comments
 
LVL 37

Accepted Solution

by:
gregoryyoung earned 250 total points
ID: 11806071
this is one method http://aspzone.com/articles/207.aspx

are you referring to the specific question of someone clicking back and then submitting again ? put a GUID in the querystring/hidden variable/viewstate/whatever and validate with an expected guid saved in session ... when you save, make a new expected guid on the server side ... if they hit back the guids wont match up..

0
 
LVL 9

Assisted Solution

by:glsac
glsac earned 250 total points
ID: 11806733
0
 
LVL 37

Expert Comment

by:gregoryyoung
ID: 11806899
thats the same logic I posted .... (test)  http://aspzone.com/samples/oneclickbutton.aspx download http://aspzone.com/uploads/oneclickbutton.zip

neither of them handle the back button though (which atleast in my development has been a major issue due to peoples dumpy internet connections etc i.e. they get a this page cannot be displayed error)

0
 

Author Comment

by:sboux
ID: 11812633
Thanks for your help guys.

I tried the http://metabuilders.com/Tools/OneClick.aspx webcontrol.  And it did (usually) prevent multiple form submissions.  Although I would get a strange behaviour where if the button was pressed more than once.  It would perform the task I wanted performed once but refused to forward to a page after the process was complete.  It would just sit on the page the form was submitted from.  Submit could then be pressed again and viola 2 database inserts.  In fact when I stepped through the code the Server.Transfer("Foo.aspx") line of code would execute but yet it did nothing to the web application.

Gregory, when I added the GUID validation to the page it fixed the problem above.  Now if the client hits submit more than once the task I need inserts to the database only once the GUID changes after the second button click and then the client is forwarded to a page saying their request has already been processed blah blah blah you hit submit more than once.  Also the GUID validation prevents them from hitting back and re-submitting the form.

Thanks again,   I am suprised there isn't a better system in place to handle the "javascript disabled" people in this scenario.  What a pain it would be if someone wanted to be malicious and fill up a database with bunk data.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question