Menu
I have a PHP application where users can apply for a bonus. But there is a confirmation page before the bonus redemption code runs.
The issue is that in IE, if you hit f5 right after you click the continue button, the confirmation page refreshes while the bonus redemption code had already been triggered by the continue button and actually goes through. But because the user still sees the confirmation page, they would hit the continue button again and now they get an error cause they are already registered.
Is there a way i can disable the f5 button using javascript? Is this the best way to go about this? I have tried many scripts i found online to do this, but none of them achieves it. Is there a better way I can go about this? Perhaps from the application side?
995
Edit: If the outcome of claiming a bonus is databased, you can load existing claims on your confirmation screen and test that one already exists.
Edit: the other neat trick you can do is serailize/json_encode the $_POST and produce a hash from this, store it in the database or user session, and test against it.
I would generate and database a single use token (hash) for the form as a hidden field, if post data is re-sumbited, the token would have already been consumed, and you can invalidate the post request.
58
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
