Token can be used to prevent repeated page form submission problems when users refresh the page and click the back button:
The usage is as follows: (1) First, you must generate a token on a page to generate a random number.
You can create a page main. jsp
Then place a button or hyperlink on the page. The hyperlink points to an action class.
Used in this action class
This. savetoken (request); // generate token
Globals;
Return Mapping. findforward ("success"); // jump to the add page (2) Import the following two jar packages on the -- add page --
<% @ Page import = "org.apache.struts.taglib.html. constants" %>
<% @ Page import = "org. Apache. Struts. globals" %>
Then add a hidden domain on the page.
<Input type = "hidden" name = "<% = constants. token_key %>" value = "<% = session. getattribute (globals. transaction_token_key) %>"/>
The value in the name value here is fixed and cannot be changed. (3) In --- adduseraction -----, use istokenvalid (request) to verify the token. If the random number of token tokens generated is different
Go to the error page. If the difference is true, delete the token in the session and process the service.
If (! This. istokenvalid (request )){
Return Mapping. findforward ("error ");
}
This. resettoken (request );
// Follow the Business Code Note:
The name of hidden must be constants. token_key.
The value of hidden must be session. getattribute (globals. transaction_token_key) Repeated Page Submission Solution
Method 1: redirect to the new page after submission
<Forward name = "OK" Path = "/OK. jsp" Redirect = "true"/>
Set redirect = "true" to true;
Advantage: prevents users from clicking "refresh" to resubmit
Disadvantage: users cannot click "back" and submit again Method 2: Use the token mechanism provided by struts
Similar to watching a movie, buy a ticket first, and check the ticket before entering the venue
Advantages: "refresh" and "back" can be avoided
Disadvantage: Implementation is a little troublesome. |
