Why are you sending a refresh on the result? That's probably resubmitting the form in some browsers.
But then I see people sending header refreshes all the time now, and I really have to ask "for what?"
You could also prevent accidental form resubmits by adding a hash or ID number in a hidden input, stored in a DB on the server. Check against that to see if the form has already been submitted. The way I like to handle it is when I send the form, I add a record to my 'validation' table containing a unique ID, a timestamp, and the users IP addy. When they submit, I expire all timestamps > 20 minutes old, then check if that ID is in the 'validation' table. If so, delete it and then send the form data to the proper db. If it's not in the table, I resend the form with everything plugged in just in case it took them that long to fill it out -- so they don't have to retype everything.