Presumably the NULL is a surrogate key correct? If there's no other key which can be defined as unique (which would then therefore toss an error instead of inserting), what you do is use sessions to generate tokens. This token is provided along with the form, and then it is consumed when the form is submitted. Simple as:
// this is the script creating the form
$_SESSION['token'] = md5(microtime(true));
//. . .
<input type="hidden" name="token" value="<?php echo $_SESSION['token'];?>"/>
Then when you process:
if (isset($_SESSION['token'], $_POST['token']) && $_SESSION['token'] == $_POST['token'])
// yay all good.
// do stuff
print 'Token has already been consumed.';
Now if they refresh and resend, the $_SESSION['token'] is no longer set and will fall to the else.