Three methods for JSP to avoid repeated form submission

Source: Internet
Author: User

1. Javascript. Set a variable and submit it only once.

<Script language = "JavaScript">

VaR checksubmitflg = false;

Function checksubmit (){

If (checksubmitflg = true ){

Return false;

}

Checksubmitflg = true;

Return true;

}

Document. ondblclick = function docondblclick (){

Window. event. returnvalue = false;

}

Document. onclick = function doconclick (){

If (checksubmitflg ){

Window. event. returnvalue = false;

}

}

</SCRIPT>

<HTML: Form Action = "myaction. Do" method = "Post" onsubmit = "Return checksubmit ();">

2 or Javascript. Set the submit button or image to disable.

<HTML: Form Action = "myaction. Do" method = "Post"

Onsubmit = "getelbyid ('submitinput'). Disabled = true; return true;">

<HTML: Image styleid = "submitinput" src = "images/OK _ B .gif" border = "0"/>

</Html: Form>

3. Use the struts synchronization token mechanism

The synchronization token mechanism is used to solve the problem of repeated submission in Web applications. Struts also provides a reference implementation.

Basic Principles:

Before processing the incoming request, the server compares the token value contained in the request with the token value saved in the current user session to see if it matches. After the request is processed and the reply is sent to the client, a new token will be generated. In addition to sending the token to the client, the old token saved in the user session is also replaced. In this way, if the user goes back to the submission page and submits the request again, the token sent from the client is inconsistent with the token sent from the server, effectively preventing repeated submission.

If (istokenvalid (request, true )){

// Your code here

Return Mapping. findforward ("success ");

} Else {

Savetoken (request );

Return Mapping. findforward ("submitagain ");

}

Struts generates a unique (for each session) token based on the user session ID and the current system time. For details, refer to the generatetoken () method in the tokenprocessor class.

1. // verify the transaction control token. <HTML: Form> an implicit input token is automatically generated based on the identifier in the session to prevent two commits.

2. In Action:

// <Input type = "hidden" name = "org.apache.struts.taglib.html. Token"

// Value = "6aa35341f25184fd996c4c918255c3ae">

If (! Istokenvalid (request ))

Errors. Add (actionerrors. global_error,

New actionerror ("error. transaction. Token "));

Resettoken (request); // Delete the token in the session

3. Action has such a method to generate a token

Protected string generatetoken (httpservletrequest request ){

Httpsession session = request. getsession ();

Try {

Byte ID [] = session. GETID (). getbytes ();

Byte now [] =

New Long (system. currenttimemillis (). tostring (). getbytes ();

Messagedigest MD = messagedigest. getinstance ("MD5 ");

Md. Update (ID );

Md. Update (now );

Return (tohex (Md. Digest ()));

} Catch (illegalstateexception e ){

Return (null );

} Catch (nosuchalgorithmexception e ){

Return (null );

}

}

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.