session防止表单重复提交
2012-11-07 11:37
246 查看
(1)包含有Form表单得页面必须通过一个服务器程序动态生成,服务器程序为每次产生得页面中的form表单都分配一个唯一得随机标识号,并在form表单得一个隐藏域 保存
(2)当用户提交form得时候,负责接受这一请求得服务器程序比较form表单隐藏字段中的标识号与存贮在session中的是否相同,当下列情情况时候,服务器程序将忽略提交请求:
a.当前用户session不存在表单标识
b.用户提交得表单数据并没有标识号字段
c.存贮在当前用户的session中得标识号与表单数据中的不同
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>RepeateForm.html</title>
<metahttp-equiv="keywords"content="keyword1,keyword2,keyword3">
<metahttp-equiv="description"content="this is my page">
<metahttp-equiv="content-type"content="text/html; charset=UTF-8">
<!--<link rel="stylesheet" type="text/css" href="./styles.css">-->
<scripttype="text/javascript">
var iscommitted = false;
function checkPost(){
if(!iscommitted){
document.getElementById("sub").disabled =turn;
iscimmitted = turn;
return trun;
}else{
// alert("不能重复提交表单!");
return false;
}
}
</script>
</head>
<body>
<formaction="/BookHistory/serlevt/RepeateFormServlet"method="poss"onsubmit="return checkPost()">
用户名:<inputtype="text"name="username"/><br>
<inputtype="submit"value="提交"id="sub"/>
</form>
</body>
</html>
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class FormDealServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/* String client_token = request.getParameter("token");
if(client_token==null){
return false;*/
boolean b = isTokenValidate(request);
if(!b){
System.out.print("请不要重复提交");
return;
}
request.getSession().removeAttribute("token");
System.out.print("项数据库注册用户信息。。。");
}
private boolean isTokenValidate(HttpServletRequest request){
String client_token = request.getParameter("token");
if(client_token==null){
return false;
}
String server_token=(String) request.getSession().getAttribute("token");
if(server_token==null){
return false;
}
if(!client_token.equals(server_token)){
return false;
}
return true;
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
}
}
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ForeGenerateServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/heml;charset=UTF-8");
PrintWriter out = response.getWriter();
//产生表单号
TokenProcessor tp = TokenProcessor.getInstance();
String token= tp.generateToken();
request.getSession().setAttribute("token", token);
out.print("<formaction='/BookHistory/servlet/FormDealServlet'method='post'/>");
out.print("<inputtype='hidden'name='token'value='"+token+"'/>");
out.print("用户名:<inputtype='text'name='username'/>");
out.print("<inputtype='submit'value='提交'/>");
out.print("</form>");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
}
}
package com.hbsi.servlet;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
import sun.misc.BASE64Encoder;
public class TokenProcessor {
private TokenProcessor(){
}
private static final TokenProcessor instance=new TokenProcessor();
public static TokenProcessor getInstance(){
return instance;
}
public String generateToken(){
int i= new Random().nextInt();
String token= System.currentTimeMillis()+i+"";
try {
MessageDigest md=MessageDigest.getInstance("md5");
byte[]md5 = md.digest(token.getBytes());
//base64编码
BASE64Encoder encoder = new BASE64Encoder();
encoder.encode(md5);
//return new String(md5);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
//e.printStackTrace();
throw new RuntimeException(e);
}
return null;
}
}
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class RepeateFormServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String username = request.getParameter("username");
try {
Thread.sleep(5*1000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
out.print("以处理你的信息");
System.out.println("向数据库注册信息……");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request,response);
}
}
(2)当用户提交form得时候,负责接受这一请求得服务器程序比较form表单隐藏字段中的标识号与存贮在session中的是否相同,当下列情情况时候,服务器程序将忽略提交请求:
a.当前用户session不存在表单标识
b.用户提交得表单数据并没有标识号字段
c.存贮在当前用户的session中得标识号与表单数据中的不同
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>RepeateForm.html</title>
<metahttp-equiv="keywords"content="keyword1,keyword2,keyword3">
<metahttp-equiv="description"content="this is my page">
<metahttp-equiv="content-type"content="text/html; charset=UTF-8">
<!--<link rel="stylesheet" type="text/css" href="./styles.css">-->
<scripttype="text/javascript">
var iscommitted = false;
function checkPost(){
if(!iscommitted){
document.getElementById("sub").disabled =turn;
iscimmitted = turn;
return trun;
}else{
// alert("不能重复提交表单!");
return false;
}
}
</script>
</head>
<body>
<formaction="/BookHistory/serlevt/RepeateFormServlet"method="poss"onsubmit="return checkPost()">
用户名:<inputtype="text"name="username"/><br>
<inputtype="submit"value="提交"id="sub"/>
</form>
</body>
</html>
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class FormDealServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/* String client_token = request.getParameter("token");
if(client_token==null){
return false;*/
boolean b = isTokenValidate(request);
if(!b){
System.out.print("请不要重复提交");
return;
}
request.getSession().removeAttribute("token");
System.out.print("项数据库注册用户信息。。。");
}
private boolean isTokenValidate(HttpServletRequest request){
String client_token = request.getParameter("token");
if(client_token==null){
return false;
}
String server_token=(String) request.getSession().getAttribute("token");
if(server_token==null){
return false;
}
if(!client_token.equals(server_token)){
return false;
}
return true;
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
}
}
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ForeGenerateServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/heml;charset=UTF-8");
PrintWriter out = response.getWriter();
//产生表单号
TokenProcessor tp = TokenProcessor.getInstance();
String token= tp.generateToken();
request.getSession().setAttribute("token", token);
out.print("<formaction='/BookHistory/servlet/FormDealServlet'method='post'/>");
out.print("<inputtype='hidden'name='token'value='"+token+"'/>");
out.print("用户名:<inputtype='text'name='username'/>");
out.print("<inputtype='submit'value='提交'/>");
out.print("</form>");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
}
}
package com.hbsi.servlet;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
import sun.misc.BASE64Encoder;
public class TokenProcessor {
private TokenProcessor(){
}
private static final TokenProcessor instance=new TokenProcessor();
public static TokenProcessor getInstance(){
return instance;
}
public String generateToken(){
int i= new Random().nextInt();
String token= System.currentTimeMillis()+i+"";
try {
MessageDigest md=MessageDigest.getInstance("md5");
byte[]md5 = md.digest(token.getBytes());
//base64编码
BASE64Encoder encoder = new BASE64Encoder();
encoder.encode(md5);
//return new String(md5);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
//e.printStackTrace();
throw new RuntimeException(e);
}
return null;
}
}
package com.hbsi.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class RepeateFormServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String username = request.getParameter("username");
try {
Thread.sleep(5*1000);
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
out.print("以处理你的信息");
System.out.println("向数据库注册信息……");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request,response);
}
}
相关文章推荐
- session实现防止用户重复提交表单
- javaweb基础(13)_session防止表单重复提交
- JavaWeb使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- JAVAWeb_利用Session防止表单重复提交:10-客户端防表单重复提交和服务器端session防表单重复提交
- JavaWeb学习总结——使用Session防止表单重复提交
- JavaWeb -- Session实例 -- 自动登录 和 防止表单重复提交(令牌产生器) MD5码
- session 防止表单重复提交
- session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- Session 防止表单重复提交
- 使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- 使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- [Java拾遗五]使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- JavaWeb学习总结(十三)——使用Session防止表单重复提交
- JavaWeb学习总结——使用Session防止表单重复提交