I'm developing a website (based on WordPress, if that matters) that has a cart and order checkout. On order checkout the script saves the order inside the database, with a mechanism to prevent multiple insertions of the same order, but it only half works.
The steps:
- Generating a form with an input field that contains a token which I use later to check if the form was already submitted.
- The user submits the form to a separate page that handles the logic. Here I check if the form token exists inside _SESSION. If it exists, I unset it and proceed. If it doesn't exist, the form was already submitted.
- Check if the order is already saved based on a boolean inside the order object (which I keep inside the session between pages). If the saved flag is not raised, then save it inside the DB.
As you can see I have a double check, which WORKS if I submit the form and wait about 1 sec. The problem is when I crazy hammer that submit button 6-7 times in 1 second (which a user could do). The order is inserted multiple times.
I think this is due to some server latency or the fact that I use a plugin for enabling _SESSION inside wordpress, which saves everything inside the DB. So when I save/access a session variable there is a DB call with some latency.
Is there a way to prevent firing multiple instances of the script when the user submits the form? Or any other solution? I don't really want to use JavaScript to disable the button if possible; the user could have it disabled.
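
The check-then-unset sequence described in the post, next to an atomic "consume" of the token, as an added example that is not part of the original post. It is written in Python with SQLite standing in for the DB-backed session store so that it runs stand-alone; the table names, the token value and the barrier that models the store's latency are assumptions made for the illustration.

```python
import os, sqlite3, tempfile, threading

def _connect(path):
    # One connection per simulated request; autocommit, so each statement is its own transaction.
    return sqlite3.connect(path, timeout=30, isolation_level=None)

def _setup(path, token):
    db = _connect(path)
    db.execute("CREATE TABLE form_tokens (token TEXT PRIMARY KEY)")  # hypothetical table
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, token TEXT)")
    db.execute("INSERT INTO form_tokens VALUES (?)", (token,))
    db.close()

def naive_handler(path, token, barrier):
    db = _connect(path)
    found = db.execute("SELECT 1 FROM form_tokens WHERE token = ?", (token,)).fetchall()
    barrier.wait()  # models latency: every request has checked before any has unset
    if found:
        db.execute("DELETE FROM form_tokens WHERE token = ?", (token,))
        db.execute("INSERT INTO orders (token) VALUES (?)", (token,))
    db.close()

def atomic_handler(path, token, barrier):
    db = _connect(path)
    barrier.wait()  # release all requests at the same moment
    # Check and unset in ONE statement: only one request can delete the row.
    consumed = db.execute("DELETE FROM form_tokens WHERE token = ?", (token,)).rowcount
    if consumed == 1:
        db.execute("INSERT INTO orders (token) VALUES (?)", (token,))
    db.close()

def orders_saved(handler, clicks=7):
    """Fire `clicks` simultaneous submissions of one form; return how many orders were stored."""
    token = "constructed-token-123"  # constructed sample value
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "shop.db")
        _setup(path, token)
        barrier = threading.Barrier(clicks)
        threads = [threading.Thread(target=handler, args=(path, token, barrier))
                   for _ in range(clicks)]
        for t in threads: t.start()
        for t in threads: t.join()
        db = _connect(path)
        count = db.execute("SELECT COUNT(*) FROM orders").fetchone()[0]
        db.close()
        return count

if __name__ == "__main__":
    print("check-then-unset:", orders_saved(naive_handler))
    print("atomic delete:   ", orders_saved(atomic_handler))
```

The same rule carries over to the PHP handler: issue a single DELETE for the token and continue only when the affected-row count is 1, so the database, not the request timing, decides which submission wins.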