JAVA防止重复提交Web表单的方法
本文实例讲述了JAVA防止重复提交Web表单的方法。分享给大家供大家参考,具体如下:
packagecn.com.form;
importjava.io.IOException;
importjava.security.MessageDigest;
importjava.security.NoSuchAlgorithmException;
importjava.util.Random;
importjavax.servlet.ServletException;
importjavax.servlet.http.HttpServlet;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importsun.misc.BASE64Encoder;
//产生表单
publicclassFormServletextendsHttpServlet{
privatestaticfinallongserialVersionUID=1L;
protectedvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
//产生随机数
TokenProcessortp=TokenProcessor.getInstance();
Stringtoken=tp.generateToken();
request.getSession().setAttribute("token",token);
request.getRequestDispatcher("/form.jsp").forward(request,response);
}
protectedvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
doGet(request,response);
}
}
classTokenProcessor//令牌
{
/*
*1.把构造函数私有
*2.自己创建一个
*3.对外暴露一个方法,允许获取上面创建的对象
**/
privatestaticfinalTokenProcessorinstance=newTokenProcessor();
privateTokenProcessor(){}
publicstaticTokenProcessorgetInstance()
{
returninstance;
}
publicStringgenerateToken()
{
Stringtoken=System.currentTimeMillis()+newRandom().nextInt()+"";
try{
MessageDigestmd=MessageDigest.getInstance("md5");
byte[]md5=md.digest(token.getBytes());
//base64编码
BASE64Encoderencoder=newBASE64Encoder();
returnencoder.encode(md5);
}catch(NoSuchAlgorithmExceptione){
//TODOAuto-generatedcatchblock
thrownewRuntimeException(e);
}
}
}
<%@pagelanguage="java"import="java.util.*"pageEncoding="UTF-8"%>
<%
Stringpath=request.getContextPath();
StringbasePath=request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPEHTMLPUBLIC"-//W3C//DTDHTML4.01Transitional//EN">
<html>
<head>
<basehref="<%=basePath%>">
<title>MyJSP'form.jsp'startingpage</title>
<metahttp-equiv="pragma"content="no-cache">
<metahttp-equiv="cache-control"content="no-cache">
<metahttp-equiv="expires"content="0">
<metahttp-equiv="keywords"content="keyword1,keyword2,keyword3">
<metahttp-equiv="description"content="Thisismypage">
<!--
<linkrel="stylesheet"type="text/css"href="styles.css">
-->
</head>
<body>
<formaction="/Session/DoForm"method="post">
<inputtype="hidden"name="token"value="${token}">
用户名:<inputtype="text"name="userName">
<inputtype="submit"value="提交">
</form>
</body>
</html>
packagecn.com.form;
importjava.io.IOException;
importjavax.servlet.ServletException;
importjavax.servlet.http.HttpServlet;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
/**
*ServletimplementationclassDoForm
*处理表单提交的请求
*
*/
publicclassDoFormextendsHttpServlet{
privatestaticfinallongserialVersionUID=1L;
protectedvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
/*StringuserName=request.getParameter("userName");
try{
Thread.sleep(1000*3);
}catch(InterruptedExceptione){
//TODOAuto-generatedcatchblock
e.printStackTrace();
}
System.out.println("向数据库提交注册用户...");
*/
booleanb=isTokenValid(request);
if(!b)
{
System.out.println("请不要重复提交!");
return;
}
request.getSession().removeAttribute("token");
System.out.println("向数据库中注册用户==");
}
privatebooleanisTokenValid(HttpServletRequestrequest){
Stringclient_token=request.getParameter("token");
if(client_token==null)
{
returnfalse;
}
Stringserver_token=(String)request.getSession().getAttribute("token");
if(server_token==null)
{
returnfalse;
}
if(!client_token.equals(server_token))
{
returnfalse;
}
returntrue;
}
protectedvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
doGet(request,response);
}
}
希望本文所述对大家Javaweb程序设计有所帮助。