Im sure many people run into this problem. I have a form which posts information to my database; users can easily spam it by clicking the refresh button on their browser after submitting, making lots of repeating rows in my database; any way to solve this problem so that when they click refresh it doesnt double post? TIA

Either set a cookie when the form has been processed. If the cookie exists, the user can't use the form.
or use sessions and store the session in the database, if the session is already in there, don't show the form

its a shoutout form, so i do want them to be able to post stuff more than once; i just dont want them to be able to click refresh to have it post the same things; the mothds you describe only allow the user to post one thing, and that wouldnt work for me

Originally posted by Roost3r
i just dont want them to be able to click refresh to have it post the same things I would just verify that the data they want to add to the database has not already been added then... but it couldn't hurt to also expand on nightfire's ideas to manage/moderate the session for each user if this is a problem for you.

.... and you can set the lifetime of the cookie or with sessions (better) make the session variable value $x seconds in the futire and check for that before processing any posts..

<?
//before posting//
if($_SESSION['last_post']>(mktime()+20)){
//allow post//
}else{
//nah//
}

.........................................
//when processing//
if($successfull_post){
$_SESSION['last_post']=mktime();
}
?>

if(!isset($_SESSION['last_post']) || $_SESSION['last_post']<mktime())
{
if ($submit)
{
$myname = nohtml($myname);
$myso = nohtml($myso);
if ($myname <> "" & $myso <> "")
{
$myso = smilies($myso);
$myso = badwordfilter($myso);
$myname = badwordfilter($myname);
$addshoutoutstr = "INSERT INTO shoutout (name, shoutout) VALUES ('$myname', '$myso')";
$addshoutout = mysql_query($addshoutoutstr) or die("Database Insert Query Error");
$mynow = date("i");
$mynow = $mynow + 2;

$_SESSION['last_post'] = mktime()+100;
echo $_SESSION['last_post'];
echo "<br />";
echo mktime();
echo "<br />";
}
}
}
else
{
echo "<b>You have to wait to post another comment.</b>";
}


ive been trying that and echo'ing the values but it still isnt working the numbers im getting from the echo show the sesion with 100 more, but i can keep posting like it doesnt recognize the $_SESSION['last_post']<mktime()

according to the echo the session is always greater... :confused:

i got it to work... ty; was having problems with session_start() but fixed it :)