faqts : Computers : Programming : Languages : JavaScript : Forms

+ Search
 Add Entry AlertManage Folder Edit Entry Add page to http://del.icio.us/
Did You Find This Entry Useful?

162 of 232 people (70%) answered Yes
Recently 9 of 10 people (90%) answered Yes

Entry

How to ensure a FORM is only submitted once?
this.submitted is already true, why do we still need disableSubmit(this)?

Apr 23rd, 2003 14:07
Nel MS, Aral Balkan, Martin Honnen, Hanh Huynh, Nel MS
 


The easiest way to make sure forms are submitted only once: Disabling 
the SUBMIT button after clicking it once.
An innocent button that is clickable (see below). Now when a user 
clicks once (onClick), this button (this.) will be disabled 
(disabled=true).
<input type="submit" onClick="this.disabled=true">
The [disabled] tool can be used on tables as well. IE. Put a bunch of 
buttons in a table and assign the table (or TD) an 
onClick="this.disabled=true" and see what happens!!
(Nel MS)
=====================================================================
Author: Billy Cook (64.89.82.101) 
Date:   2020-08-28 06:28:41
When printing out the form I store a random number in a session 
variable and put a hidden field in the form with the same random 
number 
as its value. When processing the form submission I compare the value 
of the hidden field in the form with the one in the session. If they 
don't match then I don't process the form. If they do match I process 
the form and unregister the variable from the session. If a user tries 
to re-post the form the value in the session will no longer match the 
hidden field in the form. 
***
To add to Billy's method: If you want to have a page that may get 
resubmitted (but not in the same state twice -- ie, via refresh) then 
use not a random number for the session variable but a counter. Store 
that counter in your form in a hidden field and check for it at the 
start of your script. If the page is submitted via a form submit 
button, then the value of the hidden field will equal the value of 
your 
session variable (the counter), if the form was submitted via the 
Refresh button on the browser then it will not. Here's how it works 
(only the pertinent parts / pseudo-code):
Page first loads:
-----------------
$sessionVar = 0;
// ... echo '<form>... etc.
echo '<input type="hidden" name="hiddenFormVar" 
value="'.$sessionVar.'">;
User submits via the submit button in the form:
-----------------------------------------------
at start of script => $sessionVar == 0 == $hiddenFormVar // ok, 
process 
form
++$session_var; // increment the counter
// ... echo '<form>... etc.
echo '<input type="hidden" name="hiddenFormVar" 
value="'.$sessionVar.'">; // write out the new session_var
User presses the Refresh button:
--------------------------------
at start of script => ($sessionVar == 1) != ($hiddenFormVar == 0) // 
not, ok -- do not process
That simple, really! Hth. Aral :)
***
You might want to prevent users from trying to submit the same form 
twice (or even more often) for instance when they have already 
submitted but processing takes slows and they impatiently hit the 
submit button again.
You can use the <FORM ONSUBMIT handler to save a flag that the form 
got 
already submitted:
<HTML>
<HEAD>
<SCRIPT>
function disableSubmits (form) {
  for (var i = 0; i < form.elements.length; i++)
    if (form.elements[i].type.toLowerCase() == 'submit')
      form.elements[i].disabled = true;
}
</SCRIPT>
</HEAD>
<BODY>
...
<FORM ACTION="whatever"
      TARGET="_blank"
      ONSUBMIT="if (this.submitted) return false; else { 
this.submitted 
= true; disableSubmits(this); return true; }"
>