Posting Form Data

[rpack78]

Is there a way to keep a user from re-posting form data if they hit the back button or refresh? What is the best way to deal with this besides using javascript disabling the back button? Can I somehow clear out all form data in a browswer after a form is posted? Thanks.

Ryan

 

[MJAZ]

You could try using a cookie that says whether or not the form has been submitted.

 

[stevexff]

Far as I'm aware, you can't disable the back button. If you could, the only way you'd be able to get out of a porn or internet gambling site would be to close the browser

The best solution I've seen requires you to maintain some kind of session state context on the server between interactions. The scheme is to send a token (either a counter or a guid) out with the response, and store it in a local context on the server. When the next request comes in (complete with token), compare the inbound token with the session context token. if they match, increment (or regenerate) the token, save in session context, and process the request. If they have used the back button and then resubmitted, the tokens don't match and you can either send them to an error page, or redisplay the correct page.

Assuming you have some kind of shopping cart, then you already have session state data. If not, look at CGI::Session

Steve

[small]"Every program can be reduced by one instruction, and every program has at least one bug. Therefore, any program can be reduced to one instruction which doesn't work." (Object:erlDesignPatterns)[/small]