prevent双提交/后ASP.NET MVC页 [英] Prevent Double Submit / Post on ASP.NET MVC page
问题描述
我希望关于我打算在ASP.NET MVC应用程序4用于preventing重复记录的方法的一些反馈,并在效果敲我没有为用户的体验,虽然
I am hoping for some feedback about the method I intend to use for preventing duplicate records in an ASP.NET MVC 4 application, and the knock on effects I have not though of for the users experience.
Web表单中有六个输入字段和保存按钮(以及取消按钮),用户可以利用长达10分钟填写表格。
The web form has six input fields and a save button (as well as a cancel button), Users can take up to 10 minutes filling in the form.
一旦字段通过后的页面上成功/失败重定向到不同的页面,该数据是使用一个新的GUID作为主键记录在数据库表后提交。
Once the fields are submitted via a post the page is redirected on success / failure to a different page, after the data is recorded in a database table using a new Guid as the primary key.
要停止用户pressing保存按钮很多次,但允许浏览器时,形式是重新发布一个封闭的连接,我打算为新记录的主键作为一个隐藏的输入字段中提供的GUID的要求渲染。
To stop the users pressing the save button many times, but allowing the browser to repost the request on a closed connection I intend to provide the Guid for the new records primary key as a hidden input field when the form is rendered.
如果在重新发布情况发生,或者用户presses保存多次,数据库服务器将拒绝该记录的第二个职位,因为重复的键,我可以检查和服务器端处理的。
If the repost happens, or the user presses save multiple times, the database server will reject the second post of the record because of a duplicate key, which I can check for and cope with server side.
但是,这创造更大的问题给我吗?
But does this create bigger problems for me?
推荐答案
如果你使用一个隐藏的防伪标记在你的形式(如您应该),你可以缓存防伪标记在首次提交和删除如果需要从缓存中的令牌,或者到期后的时间设定量的缓存项。
If you make use of a hidden anti-forgery token in your form (as you should), you can cache the anti-forgery token on first submit and remove the token from cache if required, or expire the cached entry after set amount of time.
您随后将能够检查与打击的具体形式是否已经提交缓存每个请求,并拒绝它,如果它了。
You will then be able to check with each request against the cache whether the specific form has been submitted and reject it if it has.
您不需要生成自己的GUID,因为这已经在这样做产生防伪标记时。
You don't need to generate your own GUID as this is already being done when generating the anti-forgery token.
这篇关于prevent双提交/后ASP.NET MVC页的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
