Quote:
How can I control the effect of browser back button?
|
You don't.
Quote:
I have an HTML page containing a number of form fields but containing absolutely no user identification as the submission of the form must be anonymous.
|
You cannot entirely prevent duplicate submissions of truly anonymous data - if you don't know who someone is, you don't know whether they've made a submission already.
What you can do is generate your unique identifier on page 0, and traverse pages using POST form submissions only, requiring a valid unused unique identifier for both page 1 (where the data is filled in)
and page 2 (where the data is saved).
If you receive a GET request for page 1/2, either display an error or goto the start of the process with a suitable message.
If you receive a POST request with an already used identifier, you either show an error or allow users to revise their submission.
Obviously don't store your unique identifiers in relation to other information (including via any logging or error tracking) - simply store the fact that they were generated, plus a reduced-resolution expiry time (e.g. always round up to the next hour), and clear them after a suitable period (maybe a couple of hours after generation, or whatever is appropriate).
This doesn't prevent deliberate attempts to submit twice - again, you can't do that with anonymous submissions - but it will help with accidental duplications.
None of this relies on LocalStorage/JavaScript/cookies/etc - it's all basic HTML and HTTP.