{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 The star\" 的问题《In rails controllers, how to prevent double submit》','https://www.manongdao.com/q-1349074.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Well, everything's in the title but I'll explain a little more :-)
My rails app contain many forms (Ajaxified or not).
To prevent users to submit twice or more some forms, I use Javascript.
There's my scenario for a Ajaxified form :
- the user submit the form (clic or enter)
- the javascript disable the submit button
- the rails controller do things (like a Soap request or an insert in a DB)
- the rails controller update the page and enable the submit button if necessary (in case of errors)
Now I want to add server side code to keeps things really clean if the user bypass the javascript.
Any suggestions?
Here's what I'd do:
This will not prevent double submission, but at least will prevent the changes from second commit. I.e. when user submits the form second time the code will check the submitted token against the one in database and if they do not match - do not do an update to the object.
This also has a draw back for newly created objects (i.e. if user want's to create a comment or smth like that). But in this case you may want to check the creation time interval from same user and if it's less than, say, 5 seconds - you'd prevent the object from being "created".
Not a real suggestion (I won't be surprised of downvotes), but will your site still be usable without JS? How about showing him appropriate message that for normal operation he needs to enable the JS, otherwise you won't show him lots and lots of forms on the page.