What is the best practice on using isTokenValid()? Does one use if for all form posts to check for duplicate or only on those that issue a transaction like Save or Update? In other words does a search need to use the token checking on form post?
Never be satisfied with anything less than the best and you will surely pass the test...
posted 11 years ago
I say there's no point in dealing with the overhead of tokens in situations where it doesn't really matter if the user submits twice. In a search, there's no real harm done if there's a double submit.