• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Avoiding duplicate form submissions

 
Andy Hahn
Ranch Hand
Posts: 225
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a servlet-based strategy for preventing a user from submitting a form and then hitting refresh over and over again? I guess I should clarify, I don't necessarily need to prevent the user from doing this, but I would like the server to be able to recognize the duplicate submit so that I can handle it. Thanks
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

PRG

Hope this helps
 
Yogendra Joshi
Ranch Hand
Posts: 213
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Seetharam,

Thanks for the PRG link. However my doubt is as follows :

You talked about submitting the POST request and then redirecting to a view when the request is COMPLETED and then the problem is solved because even if the user hits refresh , its only the view which will be posted again and would not cause a non-idempotent request.

But the above condition has a BIG IF, what IF the ISP provider of the user doing an online transaction is slow and the user gets frustrated and clicks refresh BEFORE completing the initial request. What i mean is, the original request is still in process and user clicks refresh , so a new HTTP POST would be submitted and thereby withdrawing the customers bank account twice. How will PRG pattern be able to stop this ? or is this an another way for doing this ?

Regards
Yogendra N Joshi.
 
Pankaj Misra
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Andy,

The postback functionality that you intend to achieve for avoiding duplicate submission can be achieved by combining the URL method and the request URL verification. The code representation can be found at
http://www.paramountideas.com/node/11

Let me know if it helped you in your case.

Regards
Pankaj
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That won't help.

Make use of a token in the session scope which you pass in as a hidden input parameter of the form and immediately remove/change it on the very beginning of the request processing.
 
Yogendra Joshi
Ranch Hand
Posts: 213
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Bauke,

Can you shred some light on my question too please.

Regards
Yogendra
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't respond to topic hijackers. Start your own topic.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64620
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"misra_pankaj", please check your private messages for an important administrative matter.
 
Pankaj Misra
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Bear, I have corrected my name as per the site policy
 
Pankaj Misra
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Andy, please let us know which of the above solutions is more near to solving your problem.

It seems while we discuss and argue about the problem, we may be drifting away from the root cause which may not help.

Andy, please speak up and let us know your thoughts.
 
Andy Hahn
Ranch Hand
Posts: 225
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe this should accomplish what I am looking to do: http://struts.apache.org/2.x/docs/token-interceptor.html
 
Andy Hahn
Ranch Hand
Posts: 225
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just wanted to clarify - the real solution to my problem was to use the PRG as Bear outlined in his article. In my previous post I had mentioned using the Struts2 Token Interceptor, but that did not solve the problem I had described in my initial post. The token interceptor solves the problem where the user resubmits during the processing of the previous submit. So the end solution to my initial problem was to redirect from one action to another which in turn changed the url and disallowed users from clicking the refresh button and inserting duplicate records.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic