Yeah, but in the real world regardless of the FUD about firewalls and the
like...
The feedback that I have had from people using this technique is that the
apps that have had this code implemented experience dramatic reduction in
double postings to the point where they no longer exist.
And the code I posted is not making the basic application unavailable. It
just allows double-postings if javascript is not enabled which in practice
isn't that much when you consider the intersection of people who double
click and the people likely to have JS disabled.
For a heavily used site, I would recommend ultimately a better server-side
solution because the amount of time to develop and maintain a server side
solution is "worth it", but it's not as easy and quick to fix an app in
this respect as it is to add a quickie javascript fix for the short-term or
for an app that it's not worth spending more time on.
There's a lot of similar FUD about using cookies (not accepted on PDAs,
people scared of them, etc). Personally, I don't like to program using
cookies and I have my browser explicitly warn me of the cookie before
accepting (which does slow down my browsing experience but is most
interesting),, but the reality is that shedloads of sites use them to
enhance the user experience but don't make it a problem if they don't go
and use them.
Anyway, whatever. Happy New Year! :)
Speaking of which, I guess the non-use of Cookies and JavaScript would make
a great NY Resolution...
At 06:00 PM 1/4/2001 -0800, Randal L. Schwartz wrote:
> >>>>> "Gunther" == Gunther Birznieks <[EMAIL PROTECTED]> writes:
>
>Gunther> But I've also seen a lot of people use javascript to accomplish the
>Gunther> same thing as a quick fix. Few browsers don't support javascript. Of
>Gunther> the small amount that don't, the venn diagram merge of browsers that
>Gunther> don't do javascript and users with an itchy trigger finger is very
>Gunther> small. The advantage is that it's faster than mungling your own
>Gunther> server-side code with extra logic to prevent double posting.
>
>My browser "supports" Javascript, but has it turned off whenever I'm going
>to an unknown web page.
>
>Presuming that the CERT notices are being posted widely enough, there
>are demonstratably *more* people with Javascript turned off today than
>ever before.
>
>That means you can use Javascript to enhance the experience, but I'll
>come over and rip your throat out (if I knew your address) if you make
>it required for basic services.
>
>And don't forget the corporate firewalls that strip Javascript for
>security reasons. And the hundreds of new "net devices" showing up
>that understand HTTP and XHTML, but nothing about Javascript.
>
>Javascript. Just say no(t required).
>
>--
>Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
><[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/>
>Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
>See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
__________________________________________________
Gunther Birznieks ([EMAIL PROTECTED])
eXtropia - The Web Technology Company
http://www.extropia.com/
