I thought that ad_sign was to verify that:
1) The form has not been changed (as per DB) 2) That no url surgery has taken place
I didn't think that ad_sign had anything to do with double-click protection.
R.
