How do you prevent a user from posting data multiple times on a website

I am working on a web application (J2EE) and I would like to know the options that are available for handling a double post from the browser.

The solutions that I have seen and used in the past are all client-side:

• Disable the submit button as soon as the user clicks it.
• Follow a POST-Redirect-GET pattern to prevent POSTs when the user clicks the back button.
• Handle the onSubmit event of the form and keep track of the submission status with JavaScript.

I would prefer to implement a server side solution if possible. Are there any better approaches than the ones I have mentioned above, or are client-side solutions best?

Its hard to implement an idiot-proof solution (as they are alway improving the idiots). No matter what you do, the client side can be manipulated or perform incorrectly.

Your solution has got to be server side to be reliable and secure. That said, one approach is to review the request and check system/database state or logs to determine if it was already processed. Ideally, the process on the server side should be idempotent if possible, and it will have to protect against dupe submits if it can't be.