In the past I''ve disabled the submit button with javascript, which is
the easist. But for browsers with javascript disabled, I''ve also used
the synchronizer token pattern, which entails setting a unique
identifier into the session for any "instance" of a rendered form on a
page. That way you can check to see if it''s been submitted before
re-running processing logic.
Here''s an article on the idea, though it''s Java:
http://www.javaworld.com/javaworld/javatips/jw-javatip136.html
On 2/24/06, Curtis Spencer <thorin@gmail.com>
wrote:> Hi,
>
> I have a sensitive submit button that does a separate credit card
> payment post in the controller action, which could take ~2 seconds. I
> want to ensure that if the user double clicks on it, that the controller
> won''t do two payments. Right now, I do a redirect after the
payment
> succeeds, so a refresh of the page won''t cause a problem but I am
> worried about multiple requests causing multiple payments to go through.
>
> I used to avoid this a few years ago by putting a token into the session
> and removing it on the first request and check to see if it is there at
> the top of the controller action. However, in this case it would just
> kick an error to the user saying you tried to double submit the payment,
> which is not very elegant.
>
> With Firefox 1.5, I can jam on the submit button many times and it will
> only do one request, but do I need to worry about older browsers? Is
> there a rails idiom to take care of this?
>
> Thanks,
> Curtis
>
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>