Hello, I have a form where a user can search a text, the form is a client component so it calls a server action which then does a lookup on my DB, if it doesnt find anything it calls 3 external APIs, constructs an object and adds it to my DB. Then redirects to the results page. The results page is served at something like "results/id/{id}". The results page then queries my DB based on the id passed and shows the results.

My questions now are:
1) Would it make sense to send the object directly to the results page to save up on the initial query ? So I save up the object to my DB, then send it to the results page to display it so I dont have to query on result page load. If so how can I do that from a server action ?

2) What would be the best fetching strategy in my results page ? Check if the form sent data and display that or if not query my DB or simply always fetch from DB no matter what ?

3) What would then be the best way to handle the results page ? So there is the case that a user gets to it by using the form, but also someone can navigate directly to /resutls/id/{id} and put a random id. How can I make sure people dont really spam these pages and produce a lot of queries to my DB ?

EDIT: I realise rate limiting seems the obvious choice for my last question but I was wondering if theres a more efficient/idiomatic way