JSP avoids form duplicate submit three kinds of scheme _jsp programming

1 JavaScript, set a variable to allow only one submission at a time.

<script language= "JavaScript" >

var checksubmitflg = false;

function Checksubmit () {

if (CHECKSUBMITFLG = = True) {

return false;

}

CHECKSUBMITFLG = true;

return true;

}

Document.ondblclick = function Docondblclick () {

Window.event.returnValue = false;

}

Document.onclick = function Doconclick () {

if (CHECKSUBMITFLG) {

Window.event.returnValue = false;

}

}

</script>

　　

2 or JavaScript, put the submit button or image as disable

onsubmit= "Getelbyid (' submitinput '). Disabled = true; return true; " >

3 synchronization token mechanism using Struts

Using the synchronization token (Token) mechanism to solve the problem of repeated submissions in Web applications, struts also gives a reference implementation.

Basic principle:

The server side compares the token value contained in the request to the token value saved in the current user session before processing the incoming request to see if it matches. After the request is processed, and before the reply is sent to the client, a new token is generated, which, in addition to being passed to the client, replaces the old token saved in the user's session. In this way, if the user returns to the previous submission page and submits the message again, the token from the client is inconsistent with the server-side token, thereby effectively preventing the recurrence of the commit.

if (Istokenvalid (request, True)) {

Your code here

Return Mapping.findforward ("Success");

} else {

Savetoken (Request);

Return Mapping.findforward ("Submitagain");

}

Struts generates a unique (for each session) token based on the user's session ID and current system time, and the implementation can refer to the Generatetoken () method in the Tokenprocessor class.

1.//Verify the transaction control token,

2. In action:

<input type= "hidden" name= "Org.apache.struts.taglib.html.TOKEN"

Value= "6aa35341f25184fd996c4c918255c3ae" >

if (!istokenvalid (Request))

Errors.add (Actionerrors.global_error,

New Actionerror ("Error.transaction.token"));

Resettoken (Request); Remove tokens from session

3. Action has such a method of generating tokens

Protected String Generatetoken (HttpServletRequest request) {

HttpSession session = Request.getsession ();

try {

byte id[] = Session.getid (). GetBytes ();

byte now[] =

New Long (System.currenttimemillis ()). ToString (). GetBytes ();

MessageDigest MD = messagedigest.getinstance ("MD5");

Md.update (ID);

Md.update (now);

Return (Tohex (Md.digest ()));

catch (IllegalStateException e) {

return (NULL);

catch (NoSuchAlgorithmException e) {

return (NULL);

}

}