JAVA防止重复提交Web表单的方法

时间:2022-03-08 10:18:02

本文实例讲述了JAVA防止重复提交Web表单的方法。分享给大家供大家参考,具体如下:

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package cn.com.form;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sun.misc.BASE64Encoder;
//产生表单
public class FormServlet extends HttpServlet {
  private static final long serialVersionUID = 1L;
  protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    //产生随机数
    TokenProcessor tp=TokenProcessor.getInstance();
    String token=tp.generateToken();
    request.getSession().setAttribute("token", token);
    request.getRequestDispatcher("/form.jsp").forward(request, response);
  }
  protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    doGet(request,response);
  }
}
class TokenProcessor//令牌
{
  /*
   * 1.把构造函数私有
   * 2.自己创建一个
   * 3.对外暴露一个方法,允许获取上面创建的对象
   * */
  private static final TokenProcessor instance=new TokenProcessor();
  private TokenProcessor(){}
  public static TokenProcessor getInstance()
  {
    return instance;
  }
  public String generateToken()
  {
    String token=System.currentTimeMillis()+new Random().nextInt()+"";
    try {
      MessageDigest md=MessageDigest.getInstance("md5");
      byte[] md5=md.digest(token.getBytes());
      //base64编码
      BASE64Encoder encoder=new BASE64Encoder();
      return encoder.encode(md5);
    } catch (NoSuchAlgorithmException e) {
      // TODO Auto-generated catch block
      throw new RuntimeException(e);
    }
  }
}
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
 <head>
 <base href="<%=basePath%>">
 <title>My JSP 'form.jsp' starting page</title>
  <meta http-equiv="pragma" content="no-cache">
  <meta http-equiv="cache-control" content="no-cache">
  <meta http-equiv="expires" content="0">
  <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
  <meta http-equiv="description" content="This is my page">
  <!--
  <link rel="stylesheet" type="text/css" href="styles.css">
  -->
 </head>
 <body>
   <form action="/Session/DoForm" method="post">
     <input type="hidden" name="token" value="${token}">
     用户名:<input type="text" name="userName">
     <input type="submit" value="提交">
   </form>
 </body>
</html>
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package cn.com.form;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * Servlet implementation class DoForm
 * 处理表单提交的请求
 *
 */
public class DoForm extends HttpServlet {
  private static final long serialVersionUID = 1L;
  protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    /*String userName=request.getParameter("userName");
    try {
      Thread.sleep(1000*3);
    } catch (InterruptedException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    }
    System.out.println("向数据库提交注册用户...");
    */
    boolean b=isTokenValid(request);
    if(!b)
    {
      System.out.println("请不要重复提交!");
      return;
    }
    request.getSession().removeAttribute("token");
    System.out.println("向数据库中注册用户==");
  }
  private boolean isTokenValid(HttpServletRequest request) {
    String client_token=request.getParameter("token");
    if(client_token==null)
    {
      return false;
    }
    String server_token=(String)request.getSession().getAttribute("token");
    if(server_token==null)
    {
      return false;
    }
    if(!client_token.equals(server_token))
    {
      return false;
    }
    return true;
  }
  protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    doGet(request,response);
  }
}

希望本文所述对大家Java web程序设计有所帮助。

标签:

相关文章