here's what i do to solve that problem (on a page the processes credit cards)
PAGE A: on the page where the user enters their card information; on load, make sure they can use sessions. set something like $_SESSION['ok_to_process'] = true;
then on the page that actually processes the card info have
PAGE B:<?php
if($_SESSION['ok_to_process'] && !isset($_SESSION['already_processed'])){
//... process their card
$_SESSION['already_processed'] = true; // or this could be their confirmation number or some other value
//then forward them to the confirmation page.
header("Location: PAGE_C.html");
}
?>
now, if they go back to the processing page it wont process their card again because the only way the script will work is if they came to the page from PAGE A and they haven't already had their card processed.