disable button to prevent double submit

resources/templates/header.php

@@ -162,7 +162,10 @@
             <form method='POST' action=''>
               <input type='hidden' name='form_type' value='clearView'>
               <input type='hidden' name='uid' value='$viewUser'>
-              <input type='submit' value='Return to My User'>
+              <input
+                type='submit' value='Return to My User'
+                onclick='this.form.submit(); this.disabled=true;'
+              />
             </form>
           </div>
         ";

webroot/admin/ajax/get_group_members.php

@@ -45,7 +45,7 @@
         <input type='hidden' name='form_type' value='remUserChild'>
         <input type='hidden' name='uid' value='" . $member->uid . "'>
         <input type='hidden' name='pi' value='" . $group->gid . "'>
-        <input type='submit' value='Remove'>
+        <input type='submit' value='Remove' onclick='this.form.submit(); this.disabled=true;'>
         </form>
     ";
     echo "</td>";
@@ -71,8 +71,16 @@
     <input type='hidden' name='form_type' value='reqChild'>
     <input type='hidden' name='uid' value='" . $uid . "'>
     <input type='hidden' name='pi' value='" . $group->gid . "'>
-    <input type='submit' name='action' value='Approve'>
-    <input type='submit' name='action' value='Deny'></form>";
+    <input
+      type='submit' name='action' value='Approve'
+      onclick='this.form.submit(); this.disabled=true;'
+    />
+    <input
+      type='submit' name='action' value='Deny'
+      onclick='this.form.submit(); this.disabled=true;'
+    />
+    </form>
+    ";
     echo "</td>";
     echo "</tr>";
 

webroot/admin/pi-mgmt.php

@@ -65,6 +65,7 @@
     $requests = $SQL->getRequests();
 
     foreach ($requests as $request) {
+        $uid = $request["uid"];
         echo "<tr>";
         echo "<td>" . $request["firstname"] . " " . $request["lastname"] . "</td>";
         echo "<td>" . $request["uid"] . "</td>";
@@ -75,10 +76,22 @@
             "<form action='' method='POST'>
         <input type='hidden' name='form_type' value='req'>
         <input type='hidden' name='uid' value='" . $request["uid"] . "'>
-        <input type='submit' name='action' value='Approve'
-        onclick='return confirm(\"Are you sure you want to approve " . $request["uid"] . "?\");'>
-        <input type='submit' name='action' value='Deny'
-        onclick='return confirm(\"Are you sure you want to deny " . $request["uid"] . "?\");'>
+        <input
+          type='submit' name='action' value='Approve'
+          onclick='
+            confirm(\"Are you sure you want to approve $uid?\")
+            && this.form.submit()
+            && this.disabled=true;
+          '
+        >
+        <input
+          type='submit' name='action' value='Deny'
+          onclick='
+            confirm(\"Are you sure you want to deny $uid?\")
+            && this.form.submit()
+            && this.disabled=true;
+          '
+        >
         </form>";
         echo "</td>";
         echo "</tr>";

webroot/panel/account.php

@@ -156,16 +156,29 @@
         >
     ";
     if ($SQL->accDeletionRequestExists($USER->uid)) {
-        echo "<input type='submit' value='Request PI Account' disabled />";
+        echo "
+          <input
+            type='submit' value='Request PI Account' disabled
+            onclick='this.form.submit(); this.disabled=true;'
+          />
+        ";
         echo "
             <label style='margin-left: 10px'>
                 You cannot request PI Account while you have requested account deletion.
             </label>
         ";
     } else {
         if ($SQL->requestExists($USER->uid)) {
-            $prompt = "onclick='return confirm(\"Are you sure you want to cancel this request?\")";
-            echo "<input type='submit' value='Cancel PI Account Request' $prompt'/>";
+            echo "
+              <input
+                type='submit' value='Cancel PI Account Request'
+                onclick='
+                  confirm(\"Are you sure you want to cancel this request?\")
+                  && this.form.submit()
+                  && this.disabled=true;
+                '
+              />
+            ";
             echo "
                 <label style='margin-left: 10px'>
                     Your request has been submitted and is currently pending
@@ -174,8 +187,16 @@
             ";
         } else {
             echo "<input type='hidden' name='form_type' value='pi_request'/>";
-            $prompt = "onclick='return confirm(\"Are you sure you want to request a PI account?\")";
-            echo "<input type='submit' value='Request PI Account' $prompt'/>";
+            echo "
+              <input
+                type='submit' value='Request PI Account'
+                onclick='
+                  confirm(\"Are you sure you want to request a PI account?\")
+                  && this.form.submit()
+                  && this.disabled=true;
+                '
+              />
+            ";
         }
     }
     echo "</form>";
@@ -199,7 +220,10 @@
         >
             <input type='hidden' name='delIndex' value='$i' />
             <input type='hidden' name='form_type' value='delKey' />
-            <input type='submit' value='&times;' />
+            <input
+              type='submit' value='&times;'
+              onclick='this.form.submit(); this.disabled=true;'
+            />
         </form>
     </div>";
 }
@@ -216,12 +240,16 @@
     echo "<option>$shell</option>";
 }
 echo "
-    </select>
-    <br>
-    <input id='submitLoginShell' type='submit' value='Set Login Shell' />
-    </form>
-    <hr>
-    <h5>Account Deletion</h5>
+  </select>
+  <br>
+  <input
+    type='submit'
+    id='submitLoginShell' value='Set Login Shell'
+    onclick='this.form.submit(); this.disabled=true;'
+  />
+  </form>
+  <hr>
+  <h5>Account Deletion</h5>
 ";
 
 if ($hasGroups) {
@@ -237,13 +265,23 @@
         <input type='hidden' name='form_type' value='account_deletion_request' />
     ";
     if ($SQL->accDeletionRequestExists($USER->uid)) {
-        echo "<input type='submit' value='Request Account Deletion' disabled />";
         echo "
-            <label style='margin-left: 10px'>
-            Your request has been submitted and is currently pending</label>
+          <input
+            type='submit' value='Request Account Deletion'
+            onclick='this.form.submit(); this.disabled=true;'
+            disabled
+          />
+          <label style='margin-left: 10px'>
+            Your request has been submitted and is currently pending
+          </label>
         ";
     } else {
-        echo "<input type='submit' value='Request Account Deletion' />";
+        echo "
+          <input
+            type='submit' value='Request Account Deletion'
+            onclick='this.form.submit(); this.disabled=true;'
+          >
+        ";
     }
     echo "</form>";
 }

webroot/panel/groups.php

@@ -95,7 +95,10 @@
         echo "<form action='' method='POST' id='cancelPI'>
             <input type='hidden' name='pi' value='{$requested_account->gid}'>
             <input type='hidden' name='form_type' value='cancelPIForm'>
-            <input name='cancel' style='margin-top: 10px;' type='submit' value='Cancel Request'/>
+            <input
+              name='cancel' style='margin-top: 10px;' type='submit' value='Cancel Request'
+              onclick='this.form.submit(); this.disabled=true;'
+            />
             </form>";
         echo "</td>";
         echo "</tr>";
@@ -144,7 +147,7 @@
     onsubmit='return confirm(\"Are you sure you want to leave the PI group " . $group->gid . "?\")'>
     <input type='hidden' name='form_type' value='removePIForm'>
     <input type='hidden' name='pi' value='" . $group->gid . "'>
-    <input type='submit' value='Leave Group'>
+    <input type='submit' value='Leave Group' onclick='this.form.submit(); this.disabled=true;'>
     </form>
     </td>";
     echo "</tr>";

webroot/panel/modal/new_key.php

@@ -31,13 +31,19 @@
 
     <div id="key_paste">
         <textarea placeholder="ssh-rsa AAARs1..." form="newKeyform" name="key"></textarea>
-        <input type="submit" value="Add Key" id="add-key" disabled />
+        <input
+          type="submit" value="Add Key" id="add-key" disabled
+          onclick="this.form.submit(); this.disabled=true;"
+        />
     </div>
 
     <div style="display: none;" id="key_import">
         <label for="keyfile">Select local file:</label>
         <input type="file" name="keyfile" />
-        <input type="submit" value="Import Key" disabled />
+        <input
+          type="submit" value="Import Key" disabled
+          onclick="this.form.submit(); this.disabled=true;"
+        />
     </div>
 
     <div style="display: none;" id="key_generate">
@@ -49,7 +55,10 @@
     <div style="display: none;" id="key_github">
         <div class='inline'>
             <input type="text" name="gh_user" placeholder="GitHub Username" />
-            <input type="submit" value="Import Key(s)" disabled />
+            <input
+              type="submit" value="Import Key(s)" disabled
+              onclick="this.form.submit(); this.disabled=true;"
+            />
         </div>
     </div>
 </form>

webroot/panel/modal/new_pi.php

@@ -13,7 +13,7 @@
         <input type="text" id="pi_search" name="pi" placeholder="Search PI by NetID" required>
         <div class="searchWrapper" style="display: none;"></div>
     </div>
-    <input type="submit" value="Send Request">
+    <input type="submit" value="Send Request" onclick="this.form.submit(); this.disabled=true;">
 </form>
 
 <script>

webroot/panel/new_account.php

@@ -103,7 +103,10 @@
         <p>You may need to remind them.</p>
         <hr>
         <form action="" method="POST">
-            <input name="cancel" style='margin-top: 10px;' type='submit' value='Cancel Request'/>
+          <input
+            name="cancel" style='margin-top: 10px;' type='submit' value='Cancel Request'
+            onclick='this.form.submit(); this.disabled=true;'
+          />
         </form>
     <?php endforeach; ?>
 <?php else : ?>
@@ -149,7 +152,10 @@
             </a>.
         </label>
         <br>
-        <input style='margin-top: 10px;' type='submit' value='Request Account'>
+        <input
+          style='margin-top: 10px;' type='submit' value='Request Account'
+          onclick='this.form.submit(); this.disabled=true;'
+        />
     </form>
 <?php endif; ?>
 

webroot/panel/pi.php

@@ -66,10 +66,22 @@
             "<form action='' method='POST'>
         <input type='hidden' name='form_type' value='userReq'>
         <input type='hidden' name='uid' value='" . $uid . "'>
-        <input type='submit' name='action' value='Approve'
-        onclick='return confirm(\"Are you sure you want to approve " . $uid . "?\")'>
-        <input type='submit' name='action' value='Deny'
-        onclick='return confirm(\"Are you sure you want to deny " . $uid . "?\")'>
+        <input
+          type='submit' name='action' value='Approve'
+          onclick='
+            confirm(\"Are you sure you want to approve $uid?\")
+            && this.form.submit()
+            && this.disabled=true;
+          '
+        >
+        <input
+          type='submit' name='action' value='Deny'
+          onclick='
+            confirm(\"Are you sure you want to deny $uid?\")
+            && this.form.submit()
+            && this.disabled=true;
+          '
+        >
         </form>";
         echo "</td>";
         echo "</tr>";
@@ -97,10 +109,11 @@
     <input type='hidden' name='form_type' value='remUser'>
     <input type='hidden' name='uid' value='" . $assoc->uid . "'>
     <input
-        type='submit'
-        value='Remove'
+        type='submit' value='Remove'
         onclick='
-            return confirm(\"Are you sure you want to remove $assoc->uid from your PI group?\")
+          confirm(\"Are you sure you want to remove $assoc->uid from your PI group?\")
+          && this.form.submit()
+          && this.disabled=true;
         '
     >
     </form>";