posted 22 years ago
Hi guys, the server side solution is to use teh so called synchronizer token. The basic idea is, you put a hidden field in the form that contains a unique value, and you put this value in session. When the user submits the form, you check the hidden field, if the value is same as in teh session, this is a valid submition. you take off the object from session and process the request. If those two does not match, this is a duplicate submition (or a very late one).
If you need code example, feel free to ask.
tobe bondhu nouka bherao<br />shonabo gaan aj shara raat