You cannot prevent people from submitting information, multiple
times by clicking a form button. You can expire a cache, you
can parse for ip addresses, you can do many things to prevent
the _same_ data from being submitted more than once.
You cannot prevent a childish person from clicking a submit
button more than once. Quite the opposite. There is at least
one person here, a regular participant, who has been accessing
the same pages at my site, ten, twenty, forty times a day,
for years, literally and truthfully. His childish behavior
waxes and wanes with my degree of participation here. I return
for a bit, he is more active. I leave, he becomes less active.
He is very predictable, right down to his hours of business.
There is much you can do to protect your script, to protect
the integrity of your data, to prevent certain ip addresses
from engaging your site.
You cannot prevent childish, possibly mentally disturbed
people from attempting this type of abuse, and there is
at least one person here, who fits that description.
Protection against this type of behavior is very much
like how you protect your username / password file in
your current script.
Other than that, just ignore those people; they are
begging for attention, even negative attention, and
a person here is receiving attention in this article,
which annoys me. Chances are, you are taking notice
of this same childish person who believes it is his
duty in life, to punish others for whatever reason,
most likely, abhorrent self-gratification.
There is a benefit and a revenge. Each minute he, and
others like him, each minute he wastes trying to
abuse others, is a minute wasted from his lifetime,
a minute loss forever.
I delight knowing I am robbing this person of time
from his lifetime, with no effort, with no time of
my own, wasted away.
Protect your script, protect your data, ignore him.