first.jsp 只有关键代码
<%
//生成一个令牌值
org.apache.struts.util.TokenProcessor.getInstance().saveToken(request);
%>
<form action="second.jsp" method="post">
<!-- org.apache.struts.action.TOKEN 不能修改 -->
<input type="hidden" name="org.apache.struts.taglib.html.TOKEN"
value="<%=session.getAttribute("org.apache.struts.action.TOKEN")%>" />
<label>username<input type="text" name="username" value="" /></label><br/>
<label>password<input type="text" name="password" value=""/></label><br/>
<label><input type="submit" name="Submit" value="Submit" /></label>
</form>
===============================================================
second.jsp
Thread.sleep(1500); //可以看到点击多次提交后的效果
String username="";
String password="";
String isNew = "OK";
//判断令牌是否和session中一样,true:同时生成新令牌,缺省isTokenValid(request)为false
if(org.apache.struts.util.TokenProcessor.getInstance().isTokenValid(request,true)) {
username=request.getParameter("username");
password=request.getParameter("password");
org.apache.struts.util.TokenProcessor.getInstance().resetToken(request);
} else {
org.apache.struts.util.TokenProcessor.getInstance().saveToken(request);
isNew = "重复提交";
}
%>
username:<%=username%>
<br/>
password:<%=password%>
<br/>
是否重复提交:<%=isNew %>
=================================================================
PS:这个方法并不阻止用户多次点击按钮,在first页面最好还是控制提交按钮
另外:
使用重定向防止F5刷新页面,也就是重复提交,然后在请求页面增加
<%
response.setHeader("Cache-Control","no-store");
response.setHeader("Pragrma","no-cache");
response.setDateHeader("Expires",0);
%>
利用<meta>
<meta http-equiv="Pragma" content="no-cache">