Once your signup engine is ready to perform all database entries, have it
set and commit a flag in the session indicating that it is processing. Once
the signup process is complete, set a flag in the session indicating this as
well. You must now add two tests to your signup engine to avoid dupes. The
two previous flags should be inspected immediately after fetching the
session (before processing anything) 1) to look for the completed flag which
can just display/redisplay the final status of the signup, 2) to display a
processing message while waiting for the previous signup process to complete
(if processing but not completed) then gathering the completed data from the
session and displaying the signup results. There are a few ways to go about
#2, so be creative.
Thanks,
Tim Tompkins
----------------------------------------------
Staff Engineer / Programmer
http://www.arttoday.com/
----------------------------------------------
----- Original Message -----
From: "Rob Bloodgood" <[EMAIL PROTECTED]>
To: "mod_perl" <[EMAIL PROTECTED]>
Sent: Thursday, May 17, 2001 10:42 AM
Subject: Preventing duplicate signups
> So, like many of you, I've got a signup system in place for bringing on
new
> customers.
>
> My signup script is reasonably straightforward. I use CGI::Validate to
make
> my parameters pass muster (along with a little judicious JavaScript on the
> signup form), Apache::Session::Oracle to maintain state between the
multiple
> pages of the signup, CGI::FastTemplate to print a pretty success page, and
> DBI to create the account records at successful creation.
>
> At one time it was straight CGI but I've since updated it for mod_perl.
>
> Anyway, my only problem is that I can't seem to prevent duplicate signups,
> e.g. reloading the last page to create multiple accounts.
>
> This is my dupe detection code:
>
> if (my (%post) = cookie('Signup')) {
> local $^W = 0;
> my $match = 0;
> foreach (qw/ email url password / ) {
> $match++ if param($_) and $post{$_} eq param($_)
> }
> if ($match == 3) {
> # I tried this first, but some browsers are stupid.
> # print header(-status=>'204 No Content');
> print header(-status=>'304 Not Modified');
> exit;
> }
> }
>
> Naturally, I set the corresponding cookie in the Header of the "Thank you
> for signing up" template output.
>
> But it doesn't work. I still get duplicate accounts, and I'm at a loss as
> to how to attack this problem. (this is the 3rd or 4th approach I've
> tried).
>
> Suggestions?
>
> TIA!
>
> L8r,
> Rob
>
> #!/usr/bin/perl -w
> use Disclaimer qw/:standard/;
>
>
>
