back button in dynamic application

Well, my problem is what the title says. I have build a small application (php + mysql), to test my skills in an e-commerce environment - 6 pages in total.

Each page after the 1st, relies on an id to retrieve/save data. This id is passed usually as hidden form field between pages.

On top of each page i have a small script that checks in what state is the selected id (2 checks actually.... a) if user has reached the last page/step of application and b) if a fantastic payment has been completed for this user) - if both of these conditions are valid, then i redirect user to a thank you page, stating that his process is already completed and he can choose to start over.

Yet i have problems with hitting the back button on my browser. Hitting the back button once, works good - validation check forces the redirect i have implemented in my code.

But hitting the back button fast for 2 or more times, break this script - leading to lost records in my database - in live environment these will be purchases.

So my question is this: what measures should i take to prevent the "back hitting user" of duplicating/deleting/overwrite data records in the application. I am looking for 开发者_StackOverflow中文版ideas and strategies.

Check wether the user is eligble for the thank-you page on any of the pages. You can do this with sessions or by storing a flag into the database.

If a user that has finished the checkout already moves back more than one step you can check on that page if the user has already the checkout done or not - an react according to it.

I don't think is a good idea to pass variables from pages in post forms. Most likely you should make a good use out of sessions, paths and database. What I'm trying to say is to save all info in a good structured database, every step has to be separated, that way you can always return to any step and load that step info from database without losing or breaking anything.

Since is an e-commerce website you can't afford to make a double payment or errors, since one single error can lead you into losing that client.

After finishing the forms you can save a field in database and tell other scripts to redirect the client on another page since he finished.