Add front-end control logic, when the user clicks to post, disable the "Post" button
Add background control logic. When a post request is sent, check whether the person has sent a post with the same title and content. If so, prohibit the creation of this duplicate post
You can generate an id when rendering the template, then submit the id together when submitting, and then compare it with the backend, so that if the passed id is incorrect, then the processing will be ignored.
Then write one yourself in the backgroundcsrfOkay, let me give you some ideas, automatically generate a key, and bring the key when submitting the content. If they are the same, reset the key or clear it. If they are different, it is submitted again.
Form form post past a random string from a hidden field and put it into the session The program receives this random string and compares it with the string in the session. If it is the same, it will be submitted. If it is not the same, it will prompt an error. It needs to be reset when comparing. This session is enough
1.JS verification, disable the submit button after submission 2. Server-side verification, every time the page is refreshed, a token will be generated in the page. When submitting data to the server, it will be judged whether the token is valid, then the data will be processed and the token will be destroyed. If the front-end repeats The submission will definitely not be processed because the token has been destroyed
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Disable the button immediately after clicking it. If the submission fails, restore the button, otherwise it will be redirected to the success page.
Or after clicking, a mask will pop up.
However, both of the above solutions require js. Why don't you want to use js?
1.JS button prevents repeated clicks
2. Server cache control, the method is to write the library repeatedly
3. Create a unique index in the database (for example, the post title is unique and cannot be repeated)
Can be controlled from the front and backend:
Add front-end control logic, when the user clicks to post, disable the "Post" button
Add background control logic. When a post request is sent, check whether the person has sent a post with the same title and content. If so, prohibit the creation of this duplicate post
You can generate an id when rendering the template, then submit the id together when submitting, and then compare it with the backend, so that if the passed id is incorrect, then the processing will be ignored.
First, a simpler solution is to use the debounce function to limit the frequency of DOM callback triggers.
Second, if you still have to consider the situation where users disable js in this era, then don’t do it on the front end.
This problem cannot be solved by relying on the front end alone.
Add caching, use map for single machine, and use redis for distributed caching.
Use Mysql’s stored procedure to hand over the concurrency pressure to the database
Add lock, optimistic lock or pessimistic lock
Unique key
The current page generates a unique id. When submitting, the server determines that it will only be processed once, such as
laravel的表单提交页都有个csrf_tokenThen write one yourself in the background
csrfOkay, let me give you some ideas, automatically generate a key, and bring the key when submitting the content. If they are the same, reset the key or clear it. If they are different, it is submitted again.Form form post past a random string from a hidden field and put it into the session
The program receives this random string and compares it with the string in the session. If it is the same, it will be submitted. If it is not the same, it will prompt an error. It needs to be reset when comparing. This session is enough
1.JS verification, disable the submit button after submission
2. Server-side verification, every time the page is refreshed, a token will be generated in the page. When submitting data to the server, it will be judged whether the token is valid, then the data will be processed and the token will be destroyed. If the front-end repeats The submission will definitely not be processed because the token has been destroyed