Block repeating requests to server

Question

I have a simple problem in my application which consists of FLASH frontend and its backend in PHP. Communication is managed through NetConnection and AMF messages to Zend Server which maps my class that contains functions with requests that come to the server side.

Also, each request is signed so if someone manipulates in the request data, it is not accepted on the server side. However, repeating requests is allowed due to no system that prevents it and it causes a problem on the server side. Users try to sneak in and manipulate with data using requests repeating. I know it is a problem laying on the server side but I'd like to prevent from doing requests repeating.

The problem is - how to achieve it? Through sending over a request's number? It causes a synchronization problems because sometimes requests comes in a different way they were sent.

Is a sequencing approach with waiting on the response on the frontend FLASH side a good way to prevent this? Or is there any other option that goes well with such problem?

Answer 1

Send a sequence number AND check if that sequence number was not already processed before, by remembering the last 100 or so sequence numbers. If the sequence number is not in the last 100, it should be higher than the last incoming sequence number remembered.