I'm looking for advice/solutions in handling an AIM Implementation of Authorize.net using PHP for "Duplicate Transaction Submitted" protection, but not overprotection.
While I definitely want to avoid illegitimate charges being permitted from a person clicking the "purchase" button multiple times, refreshing the page, etc I DO NOT want to prevent a person from being able to process a transaction for say $81.00 at 12:00pm and then at 12:15pm wishing to make another purchase for $81.00 and being flagged as duplicate.
Is there a way to deal with this?
Value : The period of time after the submission of a transaction during which a duplicate transaction cannot be submitted.
Format : Any value between 0 and 28800 (no commas).
Notes : Indicates in seconds the period of time after a transaction is submitted during which the payment gateway checks for a duplicate transaction. The maximum time allowed is 8 hours (28800 seconds). If a value less than 0 is sent, the payment gateway defaults to 0 seconds. If a value greater than 28800 is sent, the payment gateway defaults to 28800. If no value is sent, the payment gateway defaults to 2 minutes (120 seconds).If this field is present in the request with or without a value, an enhanced duplicate transaction response is sent. See "Response for Duplicate Transactions," page 57 , for more information