Pete Posted March 16, 2016 Posted March 16, 2016 (edited) ...but not the normal issue I have a situation where in really remote areas an intranet site loads extremely slow due to slow connection. I've implemented jQuery to stop the submit button from being able to be clicked more than once, and the user tells me they're definitely not spamming the button anyway, but on their occasionally really slow connection I sometimes receive a few dozen identical form submissions. As such I don't think a JS solution is likely to work and I need something clever in the form itself. Would it be enough to send a random string in a hidden field and check if that string has been used before? My only worry about doing it that way is I'd need to store that string with the form entry which seems like unnecessary overhead. The other way is with CSRF, but I don't want to show a nasty CSRF error - just a blank "this form has been submitted" message.. EDIT: Turns out I can just use an adapted version of this and use CSRF - thanks Soma! https://gist.github.com/somatonic/5233338 Edited March 16, 2016 by Pete Soma has the answer already. 2
LostKobrakai Posted March 16, 2016 Posted March 16, 2016 I wouldn't use the CSRF token, as it's also preventing any other form loaded before the form submittion to be canceled. At best you'd use a custom token to prevent the double submittion.
Recommended Posts