[LRUG] Double submit

Murray Steele murray.steele at gmail.com
Fri Apr 24 03:11:26 PDT 2015


If this is a rails app, adding a lock_version column to the model gives you
this sort of thing for minimal effort.  Saves for a model will fail when
the lock version is not correct (see:
http://api.rubyonrails.org/classes/ActiveRecord/Locking/Optimistic.html).

Although I guess it’s possible there may be race-conditions here?  Can’t
say I’ve used it recently to be able to give any hints.

On 24 April 2015 at 10:51, Philip stevens <phil at retechnica.com> wrote:

>
>
> I agree with Riccardo and I would follow up on this by having the DB, or
> any persistent layer, store these uniquely. So if one request came close
> enough to another and the read returned nothing it would still fail on the
> write.
>
> I presume when you are talking about special few outpacing the browser you
> mean they have JavaScript disabled? Otherwise in Rails you can do the
> following:
>
> <code>
> submit_tag 'Submit', data: { disable_with: 'Text’ }
> </code>
>
> Regards,
>
> Phil
>
> > On 24 Apr 2015, at 09:51, Riccardo Tacconi <rtacconi at gmail.com> wrote:
> >
> > Hi,
> >
> > You could put a hash in  a hidden field, when Rails receives the first
> submission you save it in the session with a timestamp. Every time you
> receive new submission you check if the has has been already used in the
> last few seconds, if it was already used you trigger a validation error.
> You will have to clean stale submission from the session. Otherwise you
> could put the has in the DB.
> >
> > On 24 April 2015 at 09:43, Andrew Stewart <boss at airbladesoftware.com>
> wrote:
> > Hello LRUG!
> >
> > Some people using my Rails app are speedy double-clickers of form submit
> buttons.  While I admire their alacrity I would like Rails to ignore the
> duplicate submissions.
> >
> > Disabling the submit button client-side heads off the
> quick-but-not-lightning double-clickers.  However a special few still
> outpace the browser so I am after a server-side solution.
> >
> > I imagine each form submission would have a unique token and the server
> would ignore or raise an error for submissions with duplicate tokens within
> a rolling window of, say, a few seconds.  Perhaps this would be handled in
> a Rack middleware.
> >
> > Does such a thing already exist?  I know this is an old problem but I
> can't seem to find any decent solutions.
> >
> > Thanks in advance!
> >
> > Yours,
> >
> > Andy Stewart
> > _______________________________________________
> > Chat mailing list
> > Chat at lists.lrug.org
> > Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> > Manage your subscription:
> http://lists.lrug.org/options.cgi/chat-lrug.org
> > List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
> >
> >
> >
> > --
> > Riccardo Tacconi
> >
> > http://github.com/rtacconi
> > http://twitter.com/rtacconi
> > _______________________________________________
> > Chat mailing list
> > Chat at lists.lrug.org
> > Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> > Manage your subscription:
> http://lists.lrug.org/options.cgi/chat-lrug.org
> > List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20150424/a33ffc48/attachment-0003.html>


More information about the Chat mailing list