JSP avoids the repetition of three scenarios submitted by Form

  • 2020-05-17 06:08:25
  • OfStack

1 javascript, set 1 variable, allow only 1 submission.
< script language="javascript" >
var checksubmitflg = false;
function checksubmit () {
if (checksubmitflg == true) {
return false;
}
checksubmitflg = true;
return true;
}
document.ondblclick = function docondblclick() {
window. event. returnvalue = false;
}
document. onclick = function doconclick() {
if (checksubmitflg) {
window. event. returnvalue = false;
}
}
< /script >
< html:form action="myaction.do" method="post" onsubmit="return checksubmit();" >
2 or javascript, set the submit button or image to disable
< html:form action="myaction.do" method="post"
onsubmit = "getelbyid (' submitinput). disabled = true; return true;" >
< html:image styleid="submitinput" src="images/ok_b.gif" border="0" / >
< /html:form >
3 take advantage of struts's synchronization token mechanism
The synchronization token (token) mechanism is used to solve the problem of repeated submissions in web applications. struts also provides a reference implementation.
Basic principles:
The server side compares the token value contained in the request with the token value stored in the current user session to see if it matches before processing the incoming request. After the request is processed, and before the reply is sent to the client, a new token will be generated that will not only pass to the client, but also replace the old token saved in the user session. In this way, if the user returns to the previous submission page and submits again, the token sent by the client will be different from the one sent by the server, thus effectively preventing the occurrence of repeated submissions.
if (istokenvalid (request true)) {
/ / your code here
success return mapping. findforward (" ");
} else {
savetoken (request);
submitagain return mapping. findforward (" ");
}
struts generates a 1-only (for each session) token based on the user session id and the current system time. The implementation can refer to the generatetoken() method in the tokenprocessor class.
1. // verify the transaction control token, < html:form > An implied input token is automatically generated based on the identifier in session to prevent two commits
2. In action:
// < input type="hidden" name="org.apache.struts.taglib.html.token"
/ / value = "6 aa35341f25184fd996c4c918255c3ae" >
if (! istokenvalid (request))
errors. add (actionerrors global_error,
new actionerror (" error. transaction. token "));
resettoken (request); // delete the token in session
3. action has a method to generate tokens
protected string generatetoken(httpservletrequest request) {
httpsession session = request. getsession ();
try {
byte id [] = session. getid () getbytes ();
byte now[] = new long(system.currenttimemillis ()).tostring().getbytes();
messagedigest md = messagedigest. getinstance (" md5 ");
md. update (id);
md. update (now);
return (tohex (md digest ()));
} catch (illegalstateexception e) {
return (null);
} catch (nosuchalgorithmexception e) {
return (null);
}
}

Related articles: