I am running an enterprise-level PHP application. This is a browser game with thousands of Internet users on the infrastructure, which my boss refuses to update, and the equipment runs on 2-3 system load (yep linux) at any time. In any case, this is not a real problem. The real problem is that some users are waiting for the server to load (in prime time), and they bring their mouse clicks, and they press the same submit button as 10-20 times, while sending 10-20 requests while the server is still creating the initial request, thereby not updating the cache and database.
I currently have an output variable for each request that is valid for 2 minutes, and I have a mutex lock, which is basically a flag inside memcache, which, if found, blocks script execution further, but the mouse clicker does there are so many requests at the same time that they work almost simultaneously, which is a big problem for me.
As you, most people at StackOverflow deal with this issue. I was thinking about flagging a cookie / session, but I think I will get into the same problem if the server is overloaded. Optimization is impossible, the source is 7 years old and quite optimized, without querying on most pages (disabling cache) and only querying the database for a specific user input, like the one I'm trying to prevent.
Yes, this is procedural code without real objects. The machines run PHP 5, but the code itself is more connected with PHP 4. I know that I know this old and other things, but we cannot save the resource from overwriting all this mess, since most of the original developers left it to know how the material is interwoven and yes, I mostly fix old holes. But as far as I know, this is a common problem on loaded PHP sites.
PS: Disabling a button from javascript to submit is not an option. Real cheaters are advanced users. One of them wrote a bot clicker and packaged it as a Google Chrome extension. Do not ask how I dealt with this.