We encounter countless forms on the Internet every day, and we also see that most of them do not restrict users from submitting the same form multiple times. The lack of such restrictions can sometimes produce some unexpected results, such as repeated subscriptions to email services or repeated voting. Maybe some ASP beginners don't know how to limit repeated submission of the same form in ASP applications, so here I will introduce to you a simple method to prevent users from submitting the same form multiple times during the current session in ASP applications.
This work is mainly composed of four subroutines. In simpler applications, you only need to put these codes in the included files for direct reference; for more complex environments, we give some improvement suggestions at the end of the article.
1. Basic working process
Below we discuss these four subroutines in turn.
(1) Initialization
Here we need to save two variables in the Session object, among which:
⑴ Each form corresponds to a unique identifier called FID, and a counter is used to make this value unique.
⑵ Whenever a form is submitted successfully, its FID must be stored in a Dictionary object.
We use a dedicated process to initialize the above data. Although it will be called by each subroutine in the future, it is actually only executed once during each session:
Sub InitializeFID()
If Not IsObject(Session("FIDList")) Then
Set Session("FIDList")=Server.CreateObject("Scripting.Dictionary")
Session("FID")=0
End If
End Sub
(2) Generate the unique identifier of the form.
The following function GenerateFID() is used to generate the unique identifier of the form. This function first increments the FID value by 1 and then returns it:
Function GenerateFID()
InitializeFID
Session("FID") = Session("FID") + 1
GenerateFID = Session("FID")
End Function
(3) Register the submitted form.
When the form is successfully submitted, register its unique identifier in the Dictionary object:
Sub RegisterFID()
Dim strFID
InitializeFID
strFID = Request("FID")
Session("FIDlist").Add strFID, now()
End Sub
(4) Check whether the form is submitted repeatedly.
Before formally processing the form submitted by the user, you should check whether its FID has been registered in the Dictionary object. The following CheckFID() function is used to complete this work. If it has been registered, it returns FALSE, otherwise it returns TRUE:
Function CheckFID()
Dim strFID
InitializeFID
strFID = Request("FID")
CheckFID = not Session("FIDlist").Exists(strFID)
End Function
2. How to use
There are two places where the above function is used, namely when the form is generated and when the results are processed. Assume that the above four subroutines have been placed in the included file Forms.inc. The following code determines whether to generate a form or process the form results based on the FID value. The processing process it describes is suitable for most ASP applications:
<%Option Explicit%>
< !--#include file="forms.inc"-->
<HTML>
<HEAD>
<TITLE>Form submission test</TITLE>
</HEAD
<BODY>
< %
If Request("FID") = "" Then
GenerateForm
Else
ProcessForm
End If
%>
</BODY>
< /HTML>
GenerateForm is responsible for generating the form, which should contain a hidden FID, such as:
< %
SubGenerateForm()
%>
< form action="< %=Request.ServerVariables("PATH_INFO")%>" method=GET>
< input type=hidden name=FID value="< %=GenerateFID()%>">
<input type=text name="param1" value="">
<input type=submit value="OK">
</form>
< %
End Sub
%>
ProcessForm is responsible for processing the content submitted through the form, but before processing, CheckFID() should be called to check whether the current form has been submitted. The code is as follows:
< %
SubProcessForm()
If CheckFID() Then
Response.Write "What you entered is" & Request.QueryString("param1")
RegisterFID
Else
Response.Write "This form can only be submitted once!"
End If
End Sub
%>
3. Limitations and Improvement Measures
Above we introduced a method to limit the same form from being submitted multiple times during the current session. In practical applications, improvements may need to be made in many aspects, for example:
⑴ Check the legality of the data entered by the user before registering the form ID, so that when the data is illegal, the user can press the "Back" button to return and submit the same form again after correction.
⑵ This restriction on form submission is valid only for the duration of the current session at most. If this restriction is required to span multiple sessions, Cookeis or a database will be used to save relevant data.