JSP avoids form duplicate submit three kinds of scheme _jsp programming

Source: Internet
Author: User
Tags session id

1 JavaScript, set a variable to allow only one submission at a time.

<script language= "JavaScript" >

var checksubmitflg = false;

function Checksubmit () {

if (CHECKSUBMITFLG = = True) {

return false;

}

CHECKSUBMITFLG = true;

return true;

}

Document.ondblclick = function Docondblclick () {

Window.event.returnValue = false;

}

Document.onclick = function Doconclick () {

if (CHECKSUBMITFLG) {

Window.event.returnValue = false;

}

}

</script>

  

2 or JavaScript, put the submit button or image as disable

onsubmit= "Getelbyid (' submitinput '). Disabled = true; return true; " >

3 synchronization token mechanism using Struts

Using the synchronization token (Token) mechanism to solve the problem of repeated submissions in Web applications, struts also gives a reference implementation.

Basic principle:

The server side compares the token value contained in the request to the token value saved in the current user session before processing the incoming request to see if it matches. After the request is processed, and before the reply is sent to the client, a new token is generated, which, in addition to being passed to the client, replaces the old token saved in the user's session. In this way, if the user returns to the previous submission page and submits the message again, the token from the client is inconsistent with the server-side token, thereby effectively preventing the recurrence of the commit.

if (Istokenvalid (request, True)) {

Your code here

Return Mapping.findforward ("Success");

} else {

Savetoken (Request);

Return Mapping.findforward ("Submitagain");

}

Struts generates a unique (for each session) token based on the user's session ID and current system time, and the implementation can refer to the Generatetoken () method in the Tokenprocessor class.

1.//Verify the transaction control token,

2. In action:

<input type= "hidden" name= "Org.apache.struts.taglib.html.TOKEN"

Value= "6aa35341f25184fd996c4c918255c3ae" >

if (!istokenvalid (Request))

Errors.add (Actionerrors.global_error,

New Actionerror ("Error.transaction.token"));

Resettoken (Request); Remove tokens from session

3. Action has such a method of generating tokens

Protected String Generatetoken (HttpServletRequest request) {

HttpSession session = Request.getsession ();

try {

byte id[] = Session.getid (). GetBytes ();

byte now[] =

New Long (System.currenttimemillis ()). ToString (). GetBytes ();

MessageDigest MD = messagedigest.getinstance ("MD5");

Md.update (ID);

Md.update (now);

Return (Tohex (Md.digest ()));

catch (IllegalStateException e) {

return (NULL);

catch (NoSuchAlgorithmException e) {

return (NULL);

}

}

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.