I have a web forms web application (asp.net 2.0). When the user submits the form I have the submit link actually going away so they can't submit it again. However, they could press F5 and that is causing another insert into the database, which I don't want to have happen.
Is there a setting of some sort that I can set if/when they do press F5 to tell the page - don't submit again?
You can do several things. Store a boolean in ViewState. Check/set the property. Store the boolean in Session and check/set it.
On postback, you set the value and if the value is true, prevent submission and raise/display an error.
It sounds like you're doing a postback to the same page, then inserting to a database before redisplaying the same page to the user, minus the submit button?
If this is the case, the easiest way around your problem is to do a Response.Redirect() to the same page - so when the user presses F5 it will reload the GET request to the page instead of the POST.
When you do a postback in ASP.NET the browser will send a POST request to the server. I don't know your background in HTTP methods, but even if you're new to web programming you've probably experienced the effects of these types of requests in browsers. Sometimes when you submit forms on websites and hit the back button, it will say something like "would you like to resubmit the form data". This is because those forms are sending data to the server using the HTTP POST method. The effect of the back button in this case is the same as when you press F5 - the browser is repeating the exact same POST request over again (which requires some type of form data, and in these cases it's the same data you submitted the last time).
When you use Response.Redirect(), the server is issuing HTTP status code 302 (resource moved temporarily) in response to the request. The browser then, will now issue a GET request for the resource it has been told to redirect to (in this case, your same exact page).
Now when you're on the page, it's returned as if you had visited it from a link or typed it directly into the address bar. If you press F5 this time, a GET request will be issued as opposed to a POST.
I would recommend you download Firebug and activate the "Net" panel. You can see exactly what composes a request/response along with a list of all the requests being made on your page.
If you're feeling adventurous you can check out even more status codes (and by the way I have actually used 418 in an application I'm working on as a hack to get around Forms Authentication for ASP.NET).
If Firebug isn't enough, you can download Fiddler and actually handcraft and replay requests to your liking.
If GET and POST aren't enough for you, you can use other methods to change states in your application. You may have heard of RESTful architecture, which basically uses the HTTP methods GET, PUT, POST, and DELETE as they were intended.
There was a very recent article on Code Project that presented a way to handle unwanted refreshes by using an HttpModule, a hidden field and some JavaScript. It might not be right for you, but it is a nifty solution that does not rely on ViewState or Session.
You could try this. If it doesn't suit your needs, it is at least good to know about.
Post - Redirect - Get
You could try this approach http://stackoverflow.com/questions/2283043/gridview-adds-duplicate-row-on-page-refresh/2283137#2283137