[eluser]rogierb[/eluser]
I create a unique value for each form call and store that in the session.(on form_open)
On insert/update I check if that unique value is valid.
If it is valid, I do the database stuff, remove the unique value from the session and redirect or refresh.
If it is not valid, I redirect.
This way even the backbutton can't break the update/delete and POST cannot be duplicate when users click the submit button twice.