[RESOLVED] Disabling submit from being refreshed?

dreamkat

I have created an explore system. However, I dont want the users to cheat by refreshing the page when they claimed/submitted the form to add there coins or items to their inventory.
Is there a way to only let a form be submitted once..?

I had the idea of MD5 each form action and marking it claimed but I'm looking for a better way because that would probably have to have a table created and it would take up alot of space.

If not can anyone link me to a script that disables a page from being refreshed..most I found on google didnt work for some reason.

bradgrafelman

What I've done in the past is use a [man]session[/man] value. Basically, when you generate the form and display it, create some random string of data (doesn't really matter what you use... [man]uniqid/man, [man]sha1/man of the current time with microseconds, etc.) and store it in the session. In addition, include that random value in the form data (e.g. as a hidden input).

When you process the form data, verify that the POST'ed hidden value matches the value stored in the session. If it does, clear the value from the session and process the form data.

Now, if they simply refresh and thus re-submit the POST'ed data, your script will receive the same hidden value from the form again, but the value will have already been cleared from the session; this mismatch will indicate that they haven't visited the form page again before submitting the form data.

dreamkat

Thank you 🙂