php double form submit prevent

Question

I would like to avoid the double form submit or unwanted submit when first time clicking the link to the form which outputs empty data.

The code I managed to find there , seems to prevent double or single empty form or previous form submit but it also prevents to submit the form when expected.

Main parts of the code as below, all parts on the same php file.

<?php 
session_start(); 
$_SESSION['token'] = md5(session_id() . time());
?>

<!DOCTYPE HTML>
...

<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>" name="form_submitted">

<input type="hidden" name="token" value="<?php echo $_SESSION['token'] ?>" >

<input type="checkbox" name="catexp[]" value="1">Input1
<input type="checkbox" name="catexp[]" value="2">Input2
<input type="checkbox" name="catexp[]" value="3">Input3

<input type="Submit"  name="Submit" >

</form>

<?php

if (isset($_SESSION['token']))
{
    if (isset($_POST['token']))
    {
        if ($_POST['token'] != $_SESSION['token'])
        {
            // double submit
        }
        else
        {

            // FORM PROCESSING HERE


        }// else ($_POST['token'] == $_SESSION['token'])

    } // if (isset($_POST['token']))

} // if (isset($_SESSION['token']))

?>

What needs to be done to make the form processing in the condition run?

Tkanks Pascal

Answer 1

1. Setup session ID with user
2. Check if session ID is already in the database
3. Insert form if session is unique to database

I would recommend using a client-side check to reduce work required by the server. Use some JavaScript for this.

Answer 2

When first time form is submitted simply clear the $_SESSION['token']

if (isset($_SESSION['token']))
    {
        if (isset($_POST['token']))
        {
            if ($_POST['token'] == $_SESSION['token'])
            {
                unset($_SESSION['token']);
                // do form processing

            }
            else
            {
                // double submit