Java prevents forms from repeating commits

Source: Internet
Author: User

Use the session to prevent the form from repeating the submission

Idea: Generate a unique random token on the server side and save the token in the current user's session field. The token is then sent to the client's form form, using a hidden field in the form form to store the token, which is submitted to the server side with the token, Then on the server side to determine whether the client submitted tokens and server-side generated token is consistent, if not consistent, it is repeated commit, the server side can not process the duplicate submission of the form. If the same is done, the form submission is processed, and the identity string stored in the session field of the current user is cleared.
The server program will refuse to process user-submitted form requests:
1, tokens in the stored session field are different from the tokens submitted by the form.
2, token does not exist in the current user's session.
3, there is no token in the form data submitted by the user.

Code:

1 /**2 * Anti-duplication submission Tool class3  */4  Public classTokenutil {5     Private StaticString Repeat_submit_token = "Repeat_submit_token";6     Private StaticTokenutil instance =Newtokenutil ();7 8     PrivateTokenutil () {9 Ten     } One      A      Public Statictokenutil getinstance () { -         returninstance; -     } the  -      Public Static BooleanIstokenvalid (HttpServletRequest request) { -         returnInstance.istokenvalid (Request,true); -     } +  -      Public Static BooleanIstokenvalid (HttpServletRequest request,Booleanreset) { +HttpSession session = Request.getsession (false); A  at         if(Session = =NULL) { -             return false; -         } -  -String saved =(String) Session.getattribute (repeat_submit_token); -  in         if(Saved = =NULL) { -             return false; to         } +  -         if(reset) { the Instance.resettoken (request); *         } $ Panax NotoginsengString token =Request.getparameter (repeat_submit_token); -  the         if(token = =NULL) { +             return false; A         } the  +         returnsaved.equals (token); -     } $  $      Public Static voidResettoken (HttpServletRequest request) { -HttpSession session = Request.getsession (false); -  the         if(Session = =NULL) { -             return;Wuyi         } the  - Session.removeattribute (repeat_submit_token); Wu     } -  About      Public Static voidSavetoken (HttpServletRequest request) { $HttpSession session =request.getsession (); -String token =Instance.generatetoken (request); -  -         if(Token! =NULL) A Session.setattribute (Repeat_submit_token, TOKEN); +     } the      -      Public Static voidSavetoken (httpservletrequest request, Responsejson Responsejson) { $HttpSession session =request.getsession (); theString token =Instance.generatetoken (request); the  the         if(Token! =NULL) { the Session.setattribute (Repeat_submit_token, TOKEN); -         } in         if(Responsejson! =NULL) { the Responsejson.setrepeatsubmittoken (token); the         } About              the     } the  the     PrivateString Generatetoken (httpservletrequest request) { +HttpSession session =request.getsession (); -  the         returnGeneratetoken (Session.getid ());Bayi     } the  the     Privatestring Generatetoken (string id) { -         Try { -             LongCurrent =System.currenttimemillis (); theCurrent + =NewJava.util.Random (). Nextint (100); the  the             byte[] now =NewLong (current). ToString (). GetBytes (); theMessageDigest MD = messagedigest.getinstance ("MD5"); -  the md.update (Id.getbytes ()); the Md.update (now); the 94             returnTohex (Md.digest ()); the}Catch(nosuchalgorithmexception e) { the         } the         return NULL;98     } About  -     PrivateString Tohex (byte[] buffer) {101StringBuffer SB =NewStringBuffer (Buffer.length * 2);102 103          for(inti = 0; i < buffer.length; i++) {104Sb.append (Character.fordigit (Buffer[i] & 0xF0) >> 4, 16)); theSb.append (Character.fordigit (buffer[i) & 0xF, 16));106         }107 108         returnsb.tostring ();109     } the}

Java prevents forms from repeating commits

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.