One solution to the problem of opening multiple pages with verification code at the same time

For details about how to use the jsp image Verification Code under Struts, refer to another article html "> jsp image verification code. The principle is to generate a four-digit Verification Code randomly, write it into the Session, and generate an image to display it. This leads to a problem. If multiple pages with verification code are opened at the same time, only the verification code on the final page passes verification. If the verification code is incorrect.

In fact, this problem was found when the verification code function was added, but it has not been changed, because few people open multiple login pages, even if an error occurs, refresh it once. Recently, the senior engineer in charge of the project has been focusing on this issue, so he has to change it.

The key code for this error is:

Request. getSession (). setAttribute ("checkcode", sRand );

That is to say, the verification code is generated every time in the checkcode variable of the Session. In this way, each generated Verification Code overwrites the previous value.

There are many solutions on the Internet, one of which is to add a timestamp to the Verification code.

Use the following code when saving the verification code to the Session:

String timestamp = (String) request. getQueryString (); // here is a parameter
Request. getSession (). setAttribute ("checkcode" + timestamp, sRand );

In fact, the principle is very simple, that is, adding a timestamp to distinguish the variables stored in the Session.

Add:

<Input id = "timestamp" type = "hidden" name = "timestamp" value = "">

Write a refresh script for the image at the same time.

Function loadimage (){
Var timestamp = (new Date (). valueOf (); // timestamp.
Document. getElementById ("randImage"). src = "<% = request. getContextPath () %>/image. jsp? "+ Timestamp;
Document. getElementById ("timestamp"). value = timestamp;
}

The server directly extracts the checkcode using the following code in form's validate.

String checkcode = (String) request. getSession (). getAttribute ("checkcode" + timestamp );

Remember to clean up the session as soon as you use it:

Request. getSession (). removeAttribute ("checkcode" + timestamp );

Reference: http://blog.kongxz.com/2010/01/solution-to-verifying-code-in-multiple-instances/