Preventing Repeat Form Submission Using PHP Sessions

We've all seen those messages on some websites warning not to click a button more than once or negative consequences, like paying a bill twice, may result. Sometimes we can cause these problems by hitting the back or refresh buttons. In this article I will explain a methodology whereby a site can ensure each form is submitted only once, thereby demonstrating that such warnings are unnecessary and, depending on the nature of the problems caused, worth repairing immediately. Let's begin by taking a look at the process we are studying: Form Submission. As pedantic as it may seem, it will be worthwhile to detail each of the steps in this process:

  • Visitor requests a page from the server which has a form on it.
  • Server retrieves form and sends to user.
  • User enters data on form and submits to server.
  • Server processes form data and returns resultant page.
  • The scenario we now need to analyze is when the user re-triggers a previous form submission process. What we need to find or create is something which changes during the form submission process which does not depend on the specific form being submitted and which we can tell changed. That was a loaded sentence which fully details our solution, so let's break it down. Find or create something which
  • changes during the form submission process,
  • does not depend on the specific form being submitted, and
  • we can tell changed.
  • Since the item which changes does not depend on the form being submitted (e.g. it doesn't matter if it's a newsletter registration form, customer signup form, payment form, etc.), the item is not something which already exists and therefore must be created, so let's create a form variable called submissionId and assume it has the 3 properties mentioned above. So far, so good -- or so it appears! The third "property" is that "we can tell [it] changed", but "changed" is not a property of a variable, so we need to look at this more closely. In order to tell something changed, we must have a reference point, an answer to the question "changed from what?" This is where a session variable will come into play. If we define a session variable, say $_SESSION['nextValidSubmission'] and treat it as a reference point, we will have all of the tools necessary to protect our visitors. The idea will be to keep the session variable updated with the last submissionId sent out and change the submissionId each time it is sent out to the user. Then, if they try to resubmit the data, they will be submitting an old submissionId which doesn't match nextValidSubmission and we will know not to re-process this data. Let's look at this in terms of the processes:

  • Visitor requests a page from the server which has a form on it.
  • Server retrieves form, generates a new submissionId which is embedded into the form, updates nextValidSubmission, and sends to user.
  • User enters data on form and submits to server.
  • Server processes form data, changes nextValidSubmission, and returns resultant page.
  • Now, if the visitor somehow resends the data, they will be sending the old submissionId which will not match the new nextValidSubmission. So, you can now say goodbye to relying on javascript to remove/disable buttons, silly warning messages, and upset customers by preventing form re-submission.

    Webmaster of Script Reference - The *NEW* PHP Reference & Tutorial Site For Non-Programmers
    See here for more detailed information, an example using PHP, and an alternate method which doesn't require sessions.

    In The News:

    Web Design Jobs  Southern New Hampshire University
    Web Developer  Seven Days
    Senior Web Developer  Charlotte Agenda

    Create Huge Income From Your Web Site - 10 Easy Ways

    The cost of setting up a web site is dirt... Read More

    Successful Web Development: 10 Key Elements

    There are many elements that are key to successful web... Read More

    2 Key Ways to Make Your Site a Success

    If one more business owner tells me their website sucks... Read More

    Newsletter Management Using PHP w/o mySQL for Beginners

    Let's begin by setting some limits. If you're like me,... Read More

    How to Build a Database Driven Web Site

    If you ever want to create a state directory, article... Read More

    1 Simple Solution to All Internet Marketers about Their Website Design Needs

    It is an undeniable fact that not everybody is keen... Read More

    Beautiful Web Sites Seldom Make More Sales

    Designing an E-commerce Web site is not as simple as... Read More

    Improving Usability for Screen Reader Users

    Simply ensuring your website is accessible to screen reader users... Read More

    Free Isnt Always Good - 5 Reasons Why You Need Your Own Website

    Often time I've browsed sites and seen the same thing... Read More

    7 Ways to Gain a Professional Online Reputation

    A professional online reputation is essential to the flourishing of... Read More

    Entangled in the World Wide Web

    I am just a learner who likes to delve in... Read More

    Optimal Website Design

    Optimal website design is the art of logical navigation.It will... Read More

    The Power Of CPanel

    cPanel is a control panel for your website and allows... Read More

    9 Simple Steps to Create a Background Tiled Image Branded with Your Name

    You have seen those web pages where they have the... Read More

    3 Ways To Increase Your Websites Conversion rate

    Everywhere you look these days, people are telling you that... Read More

    MySQL Database Handling in PHP

    Most interactive websites nowadays require data to be presented dynamically... Read More

    Why Every Small Business Owner Needs Two Websites

    Every small business owner knows that they need a website,... Read More

    Making Your Website Shine! Attract and Keep Visitors at Your Site!

    When you consider the billions of individuals and companies on... Read More

    How To Keep Your Website Sticky

    Developing a website with content that entices visitors to return... Read More

    Does Your Business Really Need A Website?

    Website, website, website, everyone says you need one. But do... Read More

    I Did It: Six Months to a Successful Website

    For years now I've been looking to start my own... Read More

    Is Your Web Site Talking to Your Customer?

    A while ago one of my clients approached me and... Read More

    What Business Owners MUST Know BEFORE They Commit To Having A Web Site

    Q1.Why would I need a web site? A1.- Improve my... Read More

    Creating Compelling Content , Write It and They Will Come

    In a previous ezinearticles.com article,"I Need real visitors, Not Search... Read More

    Creating Websites that Cater to Exam Preparations

    One of the things that Internet excels is disseminating information... Read More