• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 395
  • Last Modified:

Preventing multiple form submissions.

Hello everyone,

I am just curious can be done to prevent a client from jamming away on a submit button on a webform?

I have been googling away for a few alternatives but most articles and suggestions I have found involve javascript. Such as http://dotnetjunkies.com/WebLog/mjordan/archive/2004/02/17/7393.aspx. Although this is a terrific solution, it doesn't prevent anyone from being a shyster and disabling javascript and abusing a webform. This can especially be a pain when the form submission involves inserting into a DB. The result being multiple rows inserted.

So there has be some sort of server side solution where if javascript is disabled the multiple form submissions can be ignored or prevented.

My current idea is to forward the form submission to a page (after the webform is validated) that indicates the task is processing. But surely there have to be some other solutions. And I am curious about what other solutions there are out there for this situation.

Thanks
0
sboux
Asked:
sboux
  • 2
2 Solutions
 
gregoryyoungCommented:
this is one method http://aspzone.com/articles/207.aspx

are you referring to the specific question of someone clicking back and then submitting again ? put a GUID in the querystring/hidden variable/viewstate/whatever and validate with an expected guid saved in session ... when you save, make a new expected guid on the server side ... if they hit back the guids wont match up..

0
 
gregoryyoungCommented:
thats the same logic I posted .... (test)  http://aspzone.com/samples/oneclickbutton.aspx download http://aspzone.com/uploads/oneclickbutton.zip

neither of them handle the back button though (which atleast in my development has been a major issue due to peoples dumpy internet connections etc i.e. they get a this page cannot be displayed error)

0
 
sbouxAuthor Commented:
Thanks for your help guys.

I tried the http://metabuilders.com/Tools/OneClick.aspx webcontrol.  And it did (usually) prevent multiple form submissions.  Although I would get a strange behaviour where if the button was pressed more than once.  It would perform the task I wanted performed once but refused to forward to a page after the process was complete.  It would just sit on the page the form was submitted from.  Submit could then be pressed again and viola 2 database inserts.  In fact when I stepped through the code the Server.Transfer("Foo.aspx") line of code would execute but yet it did nothing to the web application.

Gregory, when I added the GUID validation to the page it fixed the problem above.  Now if the client hits submit more than once the task I need inserts to the database only once the GUID changes after the second button click and then the client is forwarded to a page saying their request has already been processed blah blah blah you hit submit more than once.  Also the GUID validation prevents them from hitting back and re-submitting the form.

Thanks again,   I am suprised there isn't a better system in place to handle the "javascript disabled" people in this scenario.  What a pain it would be if someone wanted to be malicious and fill up a database with bunk data.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now