Classic ASP Discussion - Prevent duplicate form submits

Prevent duplicate form submits

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: Classic ASP Discussion
Forum Description: Discussion on Active Server Pages (Classic ASP).
URL: https://forums.webwiz.net/forum_posts.asp?TID=22311
Printed Date: 29 March 2026 at 10:25am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: Prevent duplicate form submits

Posted By: dfrancis
Subject: Prevent duplicate form submits
Date Posted: 01 January 2007 at 11:37pm

Hi guys,

What is your favorite way of preventing duplicate submits on your forms?

Because I do work for Governmental/Political websites, I'm looking for a method that does not "require" JavaScript or Sessions to be passed.

I'm really interested in how you all have addressed this issue.

Thanks.

Replies:

Posted By: Brolin99
Date Posted: 04 January 2007 at 2:18am

Hi there,

I had this problem a while back but found a way around it - although it depends on how you're using the form.

I had a User ID for each person inputing the data, and I created an ID for each form. Then, when the data got put into the database it would check to make sure that the user hadn't already filled the form out (obviously, on the first input I recorded the User ID and Form ID) - hope that helps.

Cheers

Posted By: theSCIENTIST
Date Posted: 07 January 2007 at 4:48pm

I deal with this the same way, I always check against a unique field in the database to see if it is already there.

If what you are asking is to prevent the same user sending more than once, and no session use, then store his IP and datetime of submission, check against this IP every time the form is submited, use datetime to allow him submit again in x hous/days whatever, also note that the IPs are not always given fixed to end users and someone on a dynamic assignment will be albe to submit again if he disconnects and reconnects getting a new IP.

Better than all this is to have user registration/login, this way you always know what a particular user can/cannot do.

-------------
:: http://www.mylittlehost.com/ - www.mylittlehost.com

Posted By: snapey
Date Posted: 08 January 2007 at 2:02am

The problem with IP tracking is that from most organisations, all the users will appear on the same IP. If its likely that multiple people from one organisation will want to contribute then you can't use the IP.

Posted By: dfrancis
Date Posted: 08 January 2007 at 2:20am

Thanks for the ideas folks.

You're right about the IP issue. I've had as many as 100 users with the same IP on my site at the same time.

I was looking for a fool proof way to prevent duplicates on a political website where cookies/sessions and javascript are not to be used.

The simplest though not fool proof way I found was a simple redirect on processing.

I had an email form and simply used server side validation and then if it the form was good, process the form and then redirected to another page thus preventing the refresh issue. Sure, they could use the back button and submit again but I was only trying to avoid the inadvertent double post.

Thanks again.

Posted By: snapey
Date Posted: 08 January 2007 at 6:56pm

Rather than store a 'cookie' on the visitors machine, just use a session variable. Set a flag if the form is submitted correctly, and then ignore if its already set. At least this way the visitor has to completely close the browser, revisit the site and refill the entire form.

I know session variables need 'cookies' to save the state but these are temporary only and are so widely needed I can't believe they are blocked in many circumstances.