码迷,mamicode.com
首页 > 其他好文 > 详细

防表单重复提交

时间:2016-07-23 21:35:02      阅读:252      评论:0      收藏:0      [点我收藏+]

标签:防表单重复提交

防表单重复提交


1、令牌生成器


import java.security.MessageDigest;

import java.security.NoSuchAlgorithmException;

import java.util.Random;

import sun.misc.BASE64Encoder;


public class TokenProccessor {


    /*

     *单例设计模式(保证类的对象在内存中只有一个)

     *1、把类的构造函数私有

     *2、自己创建一个类的对象

     *3、对外提供一个公共的方法,返回类的对象

     */

    private TokenProccessor(){}

    

    private static final TokenProccessor instance = new TokenProccessor();

    

    /**

     * 返回类的对象

     * @return

     */

    public static TokenProccessor getInstance(){

        return instance;

    }

    

    /**

     * 生成Token

     * Token:Nv6RRuGEVvmGjB+jimI/gw==

     * @return

     */

    public String makeToken(){  //checkException

        //  7346734837483  834u938493493849384  43434384

        String token = (System.currentTimeMillis() + new Random().nextInt(999999999)) + "";

        //数据指纹   128位长   16个字节  md5

        try {

            MessageDigest md = MessageDigest.getInstance("md5");

            byte md5[] =  md.digest(token.getBytes());

            //base64编码--任意二进制编码明文字符   adfsdfsdfsf

            BASE64Encoder encoder = new BASE64Encoder();

            return encoder.encode(md5);

        } catch (NoSuchAlgorithmException e) {

            throw new RuntimeException(e);

        }

    }

}

2、把生成的令牌写到表单中


import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;


/**

 * Servlet implementation class RefuseRepeatSubmit

 */

public class CreateRefuseRepeatSubmitTokenServlet extends HttpServlet {

private static final long serialVersionUID = 1L;

       

    /**

     * @see HttpServlet#HttpServlet()

     */

    public CreateRefuseRepeatSubmitTokenServlet() {

        super();

        // TODO Auto-generated constructor stub

    }


/**

* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)

*/

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

String token = TokenProccessor.getInstance().makeToken();//创建令牌

System.out.println("在FormServlet中生成的token:"+token);

request.getSession().setAttribute("token", token);  //在服务器使用session保存token(令牌)

request.getRequestDispatcher("/form.jsp").forward(request, response);//跳转到form.jsp页面

}


/**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)

*/

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        doGet(request,response);

}


}

3、表单提交验证


import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;


/**

 * Servlet implementation class RefuseRepeatSubmitServlet

 */

public class RefuseRepeatSubmitServlet extends HttpServlet {

private static final long serialVersionUID = 1L;


/**

* @see HttpServlet#HttpServlet()

*/

public RefuseRepeatSubmitServlet() {

super();

// TODO Auto-generated constructor stub

}


/**

* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse

*      response)

*/

protected void doGet(HttpServletRequest request,

HttpServletResponse response) throws ServletException, IOException {

boolean b = isRepeatSubmit(request);// 判断用户是否是重复提交

if (b == true) {

System.out.println("请不要重复提交");

return;

}

request.getSession().removeAttribute("token");// 移除session中的token

System.out.println("处理用户提交请求!!");

}


/**

* 判断客户端提交上来的令牌和服务器端生成的令牌是否一致

* @param request

* @return true 用户重复提交了表单 false 用户没有重复提交表单

*/

private boolean isRepeatSubmit(HttpServletRequest request) {

String client_token = request.getParameter("token");

// 1、如果用户提交的表单数据中没有token,则用户是重复提交了表单

if (client_token == null) {

return true;

}

// 取出存储在Session中的token

String server_token = (String) request.getSession().getAttribute(

"token");

// 2、如果当前用户的Session中不存在Token(令牌),则用户是重复提交了表单

if (server_token == null) {

return true;

}

// 3、存储在Session中的Token(令牌)与表单提交的Token(令牌)不同,则用户是重复提交了表单

if (!client_token.equals(server_token)) {

return true;

}


return false;

}


/**

* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse

*      response)

*/

protected void doPost(HttpServletRequest request,

HttpServletResponse response) throws ServletException, IOException {

doGet(request, response);

}


}




本文出自 “德泽无忧” 博客,谢绝转载!

防表单重复提交

标签:防表单重复提交

原文地址:http://dezewuyou.blog.51cto.com/2628602/1829018

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!