 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussion GroupsGeneralPHPASPPerlColdFusionFlashHTML, CSS, ScriptsBrowsers |
Webmaster Forum / ColdFusion / Getting Started / January 2008prevent duplicate form submission from same user
What's the best way to prevent the same person/computer from submitting a form? I am wondering about cookies, ip address, etc. Nothing is foolproof, but ip address is as good a way to go as any. Hi, you can try using session variable to keep track of the form submission. Prasanth If you're just trying to prevent a double-click form submission, use CreateUUID() in the session as a ticket and then pass that in the form. When the form is submitted, compare the form value against the session ticket value, if they match, then regen the session ticket and process the form, that way if they double submit the form, the resubmission will not match the regenerated ticket. If you're trying to set a limit, such as one entry per day, etc... I'd suggest implement some type of authentication user/password with a persistent user record. Cookies can always be cleared as well as munging the header info. eMail addresses are cheap. It all depends on just how much you want to lock down the submission. You can even go the captcha route (letters/numbers in an image that have to be entered) to limit script submissions Rking1966 wrote [i]I am wondering about cookies...[/i] You got me wondering, too. I thought of something like: formPage.cfm ============ <cfif isDefined("cookie.isFormSubmitted") and cookie.isFormSubmitted> You have already submitted the form. You may only do so once.<br> <p> <a href="someOtherBusinessPage.cfm">To business</a> </p> <cfelse> <form action="actionPage.cfm" method="post"> <input name="field1" type="Text"> <input name="send" type="Submit" value="Send"> </form> </cfif> actionPage.cfm ============= <cfif NOT isDefined("cookie.isFormSubmitted")> <cfcookie name="isFormSubmitted" expires="never" value="true"> </cfif> <!--- Business code to handle submitted form fields ---> Thanks for the suggestions. Cookies does seem pretty easy. This doesn't have to be foolproof. No one will go through the trouble of clearing cookies, etc. We just want to have valid data for our study and avoid having folks forget they had already completed it and do it again.....these are college students. Thanks, Richard I also have had the same problem and am using a combination of IP/cookie - trying to replicate the system that the google analytics code tracks when it determines "unique visitor" for http://www.houstonproperties.com but found that when people were entering information, they would sometimes be at their work computer and sometimes visit from their home computer (and in certain occasions from an iphone) do you know for media reporting services like comscore what they use to truly identify a unique visitor? I hope you are allowing the form after the user logged in. If that would be the case then you can set a flag in the database to check whether this particular user has already submitted the form. If so then don't allow. If you're just trying to prevent a double-click form submission. By using javascript you can prevent the user by clicking please go through the below website. http://www.web-source.net/web_development/form_submission.htm. You may also check against the unique ID for e.g. email id. but again with different email id the form can be submitted. Please explain the business scenario for which you are trying to implement. Hope this helps. Thanks, Satheesh. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.