JAVA防止重复提交Web表单的方法
本文实例讲述了JAVA防止重复提交Web表单的方法。分享给大家供大家参考,具体如下:
package cn.com.form; import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Random; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import sun.misc.BASE64Encoder; //产生表单 public class FormServlet extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //产生随机数 TokenProcessor tp=TokenProcessor.getInstance(); String token=tp.generateToken(); request.getSession().setAttribute("token", token); request.getRequestDispatcher("/form.jsp").forward(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } } class TokenProcessor//令牌 { /* * 1.把构造函数私有 * 2.自己创建一个 * 3.对外暴露一个方法,允许获取上面创建的对象 * */ private static final TokenProcessor instance=new TokenProcessor(); private TokenProcessor(){} public static TokenProcessor getInstance() { return instance; } public String generateToken() { String token=System.currentTimeMillis()+new Random().nextInt()+""; try { MessageDigest md=MessageDigest.getInstance("md5"); byte[] md5=md.digest(token.getBytes()); //base64编码 BASE64Encoder encoder=new BASE64Encoder(); return encoder.encode(md5); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block throw new RuntimeException(e); } } }
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'form.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <form action="/Session/DoForm" method="post"> <input type="hidden" name="token" value="${token}"> 用户名:<input type="text" name="userName"> <input type="submit" value="提交"> </form> </body> </html>
package cn.com.form; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Servlet implementation class DoForm * 处理表单提交的请求 * */ public class DoForm extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { /*String userName=request.getParameter("userName"); try { Thread.sleep(1000*3); } catch (InterruptedException e) { // TODO Auto-generated catch block e.printStackTrace(); } System.out.println("向数据库提交注册用户..."); */ boolean b=isTokenValid(request); if(!b) { System.out.println("请不要重复提交!"); return; } request.getSession().removeAttribute("token"); System.out.println("向数据库中注册用户=="); } private boolean isTokenValid(HttpServletRequest request) { String client_token=request.getParameter("token"); if(client_token==null) { return false; } String server_token=(String)request.getSession().getAttribute("token"); if(server_token==null) { return false; } if(!client_token.equals(server_token)) { return false; } return true; } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
希望本文所述对大家Java web程序设计有所帮助。
赞 (0)