On 15 Oct 2008, at 18:49, Mark Stosberg wrote:
On Wed, 15 Oct 2008 12:41:55 -0400
"Perrin Harkins" <[EMAIL PROTECTED]> wrote:
On Wed, Oct 15, 2008 at 12:31 PM, Mark Stosberg
<[EMAIL PROTECTED]> wrote:
We had a "double submit" bug that allowed a form to be submitted
twice when we
weren't fully prepared for that. We are still researching the best
practices to
address this a general case. One approach we are considering is
change the
submit action on forms with JavaScript, so it disables the submit
button, and
then actually submit the form, preventing one kind of double-
submission. It
seems like I don't see this approach happening in the wild much,
though. I
suspect there is a better solution.
JavaScript is okay, but can be a problem when people hit back
expecting to use the form again and the button is still disabled.
Thanks for the response.
That's what I was concerned about. I don't have a sense of how
much this would happen in practice.
Take some elements from the form and search for an add in the past
<time period>. We did one recently where we took the email address,
recipient and amount from the form and then made sure that the same
data hadn't already been submitted in the last 24 hours - working on
the principle that a user is unlikely to gift the exact same amount to
the same person on the same day. The check is trivial compared to the
commit.
FWIW, we looked into this and this approach seemed to be the quickest
and most reliable available. If you Google on this, you may find an
article or two which support this approach.
HTH
Simon
