The only fix on this I can see would be on my end adding some kind of "wallet queue" to accounts where they can pre-make a batch of wallets to use (maybe even using the BIP32 suggestions), but my limited knowledge of BIP32 leads me to believe this would still require manual entry on the user part. If somebody else could generate the chain of public addresses to use, it seems like it wouldn't be very anonymous (they'd actually be able to follow all your transactions forever on that wallet-chain?).
BIP32 supports a hierarchy of pubkey seeds. So a user can generate a pubkey seed ONLY FOR YOUR SITE and upload it. Using that seed you can deterministically compute an infinite number of unique addresses in a sequence the user will expect.
Wallet support isn't there yet which is the only negative of moving forward at this time but in theory that is how it would work in the future. Your site would simply have user upload a seed for all their future pool payments. You will be unable to deterimine any of the addresses in the user's wallet. You will always be able to generate a new address. The same address never needs to be used twice. For added security you could lock the pubkey seed the same way you now lock a single address.