Hi Nick:
Yes, I could use a good night's sleep! I'm in the process of
implementing the suggestions from Yehuda and James that I got
yesterday. I had been thinking of something along that line but I
also wanted to know why this turned up twice now after 12 years of
running basically the same func
> On 19 Jan 2021, at 16:55, John wrote:
>
> I scanned for the customer's IP
What leads you to suppose the customer's IP was unchanged between
the two orders?
Sorry, there's no sensible explanation: the above is the only comment
I can offer at a technical level. Maybe the customer is messing
Thanks James.
Yes, all we received was the duplicate POST so far as I can find. The
script that would have initiated that POST was not shown in the log as
having been run. That's what caught my attention.
I have been misunderstanding the html standard since I was of the
opinion that it did not
Thanks Yehuda, I think you may have caught it.
What happens is that the order entry page returns with an attached pdf
copy of the invoice but this is not a redirect, it is the same page
that they POST'd. The customer then has to click "finished" to get
back to the web site.
So I learned somethin
Yes, I would agree that it isn't Apache but where else would I find a
group of people with extensive experience with web interfaces.
Our transaction logs and order entry system show these false orders
but that is what I would expect since a perfectly consistent order was
placed online. The prob
Trying to understand - was it just the last POST that you were seeing - not the
series of posts leading up to that stage of the form process..
In this case it looks as (Yehuda is just saying) that the request is kept in
the browser.
There are some ways to get around this:
(1) never POST and pri
It is likely that the user still has the browser tab open and it refreshes
for some reason, or their browser crashed and reopened, or they use a
session restore tool when they reopen the browser - all of these could
cause an exact duplicate request.
You might want to look into the Post-Redirect-Get
On Tuesday 19 January 2021 at 18:00:11, Ruben Safir wrote:
> this has nothing to do with apache
I think that's a somewhat harsh way of putting it, but I do agree that since
"that page does not show in the httpd log as having been served" you are
correct, and the problem lies elsewhere. I would
this has nothing to do with apache
On Tue, Jan 19, 2021 at 11:55:41AM -0500, John wrote:
> Since the beginning of 2021 we have encountered two online orders and
> possibly a third, where the customer denies making the order and the
> httpd log seems to confirm that.
>
> In each case, the person